SCO Spyder 0 Posted October 11, 2003 Share Posted October 11, 2003 hey everyone, i use norton anti-virus 2003 and i tried givin my comp a scan just for the usual check-up, and it isnt working. It says scan in progress, everything looks normal, cept all it says is C: with nothing after it and it will not scan anything, i left it like that for 5 min, not 1 file scanned. Then i went to the Symantec. web-page and found something on there to scan and it worked, and came back saying i had like 7 trojans and something else which sux cuz i cant get rid of them because my norton wont scan. I remember going to 1 site a while back that scanned ur comp and deleted any viruses it found, so, if anyone can help me out wit norton or know of a site like the 1 i was at a while ago, i would GREATLY appreciate it. Thx Quote Link to post Share on other sites
Urban_Tiger 0 Posted October 11, 2003 Share Posted October 11, 2003 Some of these clever new Viruses are a real pain m8, MSBlast for example seems to have a mysterious facility to stop Norton AV updating online and in some cases stops it scanning altogether too. Despite Firewalls and Norton AV, MSBlast still found its way onto my system before many of the AV software manufacturers had a chance to sus the Virus out and issue the updates or the stand-alone cleaners when it first got out, it's possible that you have something like that m8 !!??!! I'm not saying you have for sure obviously, but that is a known effect of MSBlast if you have!! The W.32 Klez series can do that too!! On Nortons Website there is a stand-alone cleaner for MSBlast, Klez and other well known Trojans and Viruses that you can download and run and it will clean the ###### of ya system, obviously hoping that it hasn;t done any damage too. I got away with it, but a freinds system had many of his XP files overwritten by false updated ones and he was right up ###### creek and the only cure was a format and re-install too !! Also on the Windows update sites there is an update that can offer greater protection against MSBlast for example too, (if you haven't already of course), get yaself over there and dload and install that too ! Otherwise I've never had any poblems with Norton AV such as you mention, only when I knew I had MSBlast and got the same errors. Once that was sorted then Norton AV ran fine again too!! If all that has nothing to do with it, then obviously try unb-instyalling and re-installing it incase it was a bad install etc, it does happen occasionly too obviously. Other than that the Norton AV's are very easy to use and laid out for simple operation. Hope ya get somewhere with it but if ya need more indepth help on how best to operate it or set up some of the more advanced features etc them just post back, many here use it and can no doubt help you out and give further suggestions to possible causes as it could be a number, I've just mentioned one that I experienced that's all !! Good Luck!! Quote Link to post Share on other sites
Specter 0 Posted October 11, 2003 Share Posted October 11, 2003 Go here and Dl the free Trojan Remover. Then try and run NAV again. EDIT : Also go here for a free online virus scanner. If you are still having trouble after this, post again, and wee will get you fixed up. Quote Link to post Share on other sites
SCO Spyder 0 Posted October 12, 2003 Author Share Posted October 12, 2003 Hey everyone, i have discoverd which files are infected by the virus and 5 trojans i have, there not even listed on Nortons sight, and none of the previous trojan stoppers or whatever u wanna call them dosnt even detect them. I have talked to a friend and he tells me to start up in dos and delete them. I dont know how to do that and wat he tells me to do dosnt work. I have Windows ME too incase that changes anything. Any and all help is greatly appreciated. THX Quote Link to post Share on other sites
SCO Spyder 0 Posted October 12, 2003 Author Share Posted October 12, 2003 I got the 2 things from the links u gave me, they dont fix my problems. If u'v read my newest post, i'v found where the infected files are, and need to get into msdos on start-up to delete the infected files. If anyone can help me do this, i'd greatly appreciate it. THX for ur time Quote Link to post Share on other sites
Specter 0 Posted October 12, 2003 Share Posted October 12, 2003 Reboot your PC...while doing so, hit F8 a couple of times until a boot options menu comes up. When it does, choose Start from a Command Prompt. Once you do this, change to the drive that the files you want to delete are on like so: C:\> cd D:, and hit enter. Once you do that, change into the directory where the files are following the same steps...CD Directory name, and hit enter. Once you are where the files are, type in DEL filename, and hit enter. You should also be able to boot into Safe Mode and accomplish the same thing. Quote Link to post Share on other sites
Specter 0 Posted October 12, 2003 Share Posted October 12, 2003 I merged both your threads, as they are about the same issue. Quote Link to post Share on other sites
Urban_Tiger 0 Posted October 12, 2003 Share Posted October 12, 2003 Spyder..... Got ya PM and have temporarily added you to my ICQ if we cross paths on there lol, I'm UK and probably a different Time zone to you completely though lol??? Otherwise, list what the names of these Virus/Trojan Applications or Filenames that NAV is telling you they are heree as well, that "may" help us in getting you the right cleaner to hopefully get these sods off ya system for you ! Did you also make up the Emergency Virus discs with NAV too??....If so, that will help you out in DOS as well. Just stick Disc 1 into ya floppy drive, reboot, pop into ya BIOS and change the Boot Sequence to boot the Floppy as the "First Boot Device" and that will automatically take you straight into DOS and it "should" give you a DOS version of NAV to work with to finding the files as well. It can then do a scan from DOS and if it can find the files from there itself, it may even delete the files for you without you having to manually search for them too !! Certainly worth a try. Otherwise, the names of these suspect Files would be of great help to helping you m8!! Quote Link to post Share on other sites
SCO Spyder 0 Posted October 13, 2003 Author Share Posted October 13, 2003 (edited) Well, i just got some n dunno how much longer im gonna be on, but so far, this is wat my virus scanner im using has found, there is more, all in the same area. Heres wat it tells me: File C:\_RESTORE\TEMP\A0104748.CPY is infected with: Trojan.Hatkey File C:\_RESTORE\TEMP\A0105712.CPY is infected with: Trojan.MulDrop.420 File C:\_RESTORE\TEMP\A0124007.CPY is infected with: Trojan.BotKill EDIT: heres a new 1 : File C:\_RESTORE\TEMP\A0142474.CPY is infected with: Modification of BackDoor.Generic.82 EDIT#2: Heres a few more : File C:\_RESTORE\TEMP\A0201614.CPY is infected with: Trojan.BotKill File C:\_RESTORE\TEMP\A0201618.CPY is infected with: Trojan.BotKill File C:\_RESTORE\TEMP\A0205307.CPY is infected with: Modification of BackDoor.Generic.593 Edit#3: like 7 more with the Trojan.Hatkey Hope this helps. Edited October 13, 2003 by SCO Spyder Quote Link to post Share on other sites
Urban_Tiger 0 Posted October 13, 2003 Share Posted October 13, 2003 Aha, I can see now why it may not be allowing you to delete them, it's very cleverly put the files into your "System Restore" directory and it won't allow you to delete files from there whilst "System Restore" is enabled!! You may be OK yet !! If you have a new one though it sounds like it's reproducing versions of itself or growing by adding different types of Trojans etc. In the meantime try to avoid rebooting your computer, butyou will have to reboot to turn off your "Sys Restore" tho, but them hopefully you can get rid of the damn things !! Now I'm trying to rack my brains to remember how to turn off the Sys Restore in WinME LMAO.....Can't believe I've forgotten such basic info already LOL......If you know how to do it tho whilst I refresh my memory as I'm getting this post up here quick if ya only here for a short time....... Then Disable ya System Restore, then you should be able to either... A) Right click on the individual files and delete them manually, or B) Run Norton again and Norton may be able to remove them for you when the Sys Restore is disabled..... Go to it, and will go remind myself how to disable the Sys Restore in ME, just got too used to using XP so much of late that's all rofl!!! And don't worry about disabling Restore either, once those evil files are out you can enable it again and it should be fine ! Then get NAV running overtime, it should work properly once they are out !! Quote Link to post Share on other sites
SCO Spyder 0 Posted October 13, 2003 Author Share Posted October 13, 2003 Well, i have no clue how to disable system restore, and i have changed my mind and will prolly be here all night till i go to bed. But, if u ( urban ) or anyone else out there reading this knows how to disable System Restore on Windows ME, PLZ PLZ PLZ POST IT!!!! Quote Link to post Share on other sites
Urban_Tiger 0 Posted October 13, 2003 Share Posted October 13, 2003 (edited) OK, hope ya still here and ya comp hasn't died !! TRYING TO GET YOU ON ICQ TOO, TURN YA ICQ ON M8!!!!!!!!!!!!!!1 On Windows desktop, right-click My Computer > Properties. Click the Performance tab. Click File System. Click the Troubleshooting tab. Check Disable System Restore, click OK, and then click Close. Click Yes to restart. This disables the System Restore feature and will purge the contents of the _RESTORE folder when the system is restarted. Run LiveUpdate and download the latest virus definitions, and then get scanning like mad lol. Once ya happy that you've got em, then go back thru and un-check the Disable System Restore Box !! That should get you on your way to purging your evil residents and hopefully you'll be a happier chappy again too !! Good luck ! Edited October 13, 2003 by Urban_Tiger Quote Link to post Share on other sites
Urban_Tiger 0 Posted October 13, 2003 Share Posted October 13, 2003 (edited) Spyder...... I know you've gone off to try a boot in safe mode after contact on ICQ.... But incase ya can't get on ICQ but ya can here and you run into problems etc (and this will also be here FYI for others too should they find themselves in similar difficulty too )!!! Ya Trojan is looking most likely to be a Multidropper, (hence the name Muldrop in one of the files). That is like an initiator put in the simplest of terms basically. It then kinda drops other Trojans as it works, the crafty little barsteward (Trojans can't replicate like Virii can, so some clever sod designed themselves one that multidrops numerous Trojans for maximum damage to those unlucky enough to get lumped obviously , which is why you now have several different types of Trojan reported on your system, when ordinarily other Trojans wouldn't create others in that manner !!! Alarmingly Norton don't seem to have any indepth definitions or information on it yet, so whether this is a new one or what I dunno???? Either way it could be why your Norton missed it in the first place if it's set to Auto-Detect etc!! Edited October 13, 2003 by Urban_Tiger Quote Link to post Share on other sites
Urban_Tiger 0 Posted October 13, 2003 Share Posted October 13, 2003 Spyder..... How did ya end up in the end then m8 (hadn't realised we spent nearly 4 hours on ICQ last nite either getting you on the right road rofl, doesn't time fly rofl)!! Did you succesfully delete all those files in the end etc?? Hope ya managed it and things have improved for ya anyway !! Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.