We'd like to remind Forumites to please avoid political debate on the Forum. This is to keep it a safe and useful space for MoneySaving discussions. Threads that are - or become - political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
Trojan horse help please!
tigs78
Posts: 539 Forumite
in Techie Stuff
Hi
My friend rang me tonight, she has had an error message from Norton antivirus...
"Norton alert 'Virus alert high risk. Norton anti virus has detected a virus on your computer. object name c:/WINDOWS/system32/msnname.exe Virus name trojan horse. action taken unable to repair this file."
I am no techno whizz but know a little more than her so I tried to install and run spybot (over the phone!) and when we get to the page where you 'run' spybot a program control message comes up High risk is-r09s7.tmp (the zero could be the letter O - difficult to tell over the phone) is attempting to connect to a DNS server. What do you want to do - Norton recommends always block connections from this program.
From this limited information can anyone tell whether the second norton alert is actually the 'good' spybot program trying to install or something 'bad'. She has clicked to block access as the file name doesn't look anything like the name of what we are trying to install 'spybot'.
Thanks in advance for any thoughts.
My friend rang me tonight, she has had an error message from Norton antivirus...
"Norton alert 'Virus alert high risk. Norton anti virus has detected a virus on your computer. object name c:/WINDOWS/system32/msnname.exe Virus name trojan horse. action taken unable to repair this file."
I am no techno whizz but know a little more than her so I tried to install and run spybot (over the phone!) and when we get to the page where you 'run' spybot a program control message comes up High risk is-r09s7.tmp (the zero could be the letter O - difficult to tell over the phone) is attempting to connect to a DNS server. What do you want to do - Norton recommends always block connections from this program.
From this limited information can anyone tell whether the second norton alert is actually the 'good' spybot program trying to install or something 'bad'. She has clicked to block access as the file name doesn't look anything like the name of what we are trying to install 'spybot'.
Thanks in advance for any thoughts.
0
Comments
-
So, has she been able to install, run and update SpyBot Search & Destroy?0
-
Did you get her to download the intsallation file or to just run it from the internet ?? Best to download the file then run it.install it from the pc. Then run the updater - you will see this go to the web for the updates.
Block the *.tmp file .. trojans like to phone home ffor instruction.Rich people save then spend.
Poor people spend then save what's left.0 -
No, we manage to do the install but the final stage of the install prompts you to 'run' and that is when the second Norton message comes up.
Thanks for your interest0 -
Sorry, not making myself very clear. She downloaded spybot but she can't run spybot because Norton is popping up the message at the final part of the install.0
-
If Norton is unable to repair the file, then why not delete it? The path is clearly shown. Go there(C:/WINDOWS/system32..., make a copy of the file and place it in a specially created 'Quarantine' folder and then delete it from the system32 folder.
That way, if it is an important file, she can replace it. I don't think it is an important file.0 -
It didn't give her that option, because it mentioned Trojan Horse she is worried that her whole computer is infected, if it was just one file that was infected that would be good news.0
-
Thanks for edited info, will go round tomorrow and try that for her. Don't think I could do that over the phone!0
-
Print off the malware/spyware sticky post at top and remember do the updates online but reboot into safe mode to do the scanning - good luck
Put the trojans name in google and/or look on the Symantec site for specific removal instructions, alternatively you may need stinger.exe if it is listed as one of the trojans it removesRich people save then spend.
Poor people spend then save what's left.0 -
Thanks, hadn't seen that - was in a bit of a panic on her behalf!0
This discussion has been closed.
Categories
- All Categories
- 346.2K Banking & Borrowing
- 251.2K Reduce Debt & Boost Income
- 451.1K Spending & Discounts
- 238.3K Work, Benefits & Business
- 613.4K Mortgages, Homes & Bills
- 174.5K Life & Family
- 251.5K Travel & Transport
- 1.5M Hobbies & Leisure
- 16K Discuss & Feedback
- 15.1K Coronavirus Support Boards