Author |
Message |
   
Soulful Mr T
Citizen Username: Howardt
Post Number: 975 Registered: 11-2004

| Posted on Wednesday, October 19, 2005 - 6:48 am: |    |
HIGH RISK, it says. Trojan.Elitebar at pokapoka76.exe What can I do? The Virus Alert window won't go away when I click "OK" or try to close the window. This page has Symantic's description. http://securityresponse.symantec.com/avcenter/venc/data/trojan.elitebar.html,htt p://securityresponse.symantec.com/avcenter/venc/data/trojan.elitebar.html |
   
Network & PC Care
Citizen Username: Npccare
Post Number: 113 Registered: 5-2005
| Posted on Wednesday, October 19, 2005 - 7:11 am: |    |
Did you try running a scan in safe mode?
|
   
Soulful Mr T
Citizen Username: Howardt
Post Number: 976 Registered: 11-2004

| Posted on Wednesday, October 19, 2005 - 7:33 am: |    |
How do I do that? And will it do more than just identify the threat? |
   
Soulful Mr T
Citizen Username: Howardt
Post Number: 977 Registered: 11-2004

| Posted on Wednesday, October 19, 2005 - 7:39 am: |    |
Also, how do I get the Norton message to close? |
   
Bailey
Citizen Username: Baileymac
Post Number: 35 Registered: 3-2005
| Posted on Wednesday, October 19, 2005 - 8:48 am: |    |
You should be able to just quit Norton - if not, type control-alt-delete, task manager window pops up, just end task. To start in safe mode - Restart the computer. Some computers have a progress bar that refers to the word BIOS. Others may not let you know what is happening. As soon as the BIOS loads, begin tapping the F8 key on your keyboard. Do so until the Windows Advanced Options menu appears. If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. If this happens, restart the computer and try again. Using the arrow keys on the keyboard, select Safe mode and then press Enter. Once in Safe Mode, you should try running Norton again.
|
   
Earlster
Supporter Username: Earlster
Post Number: 1345 Registered: 8-2003

| Posted on Wednesday, October 19, 2005 - 3:45 pm: |    |
You DON'T WANT PokaPoka on your machine. I never had it myself, but I've seen it. Make sure not to run the executable, and then delete the file. If you still can't get rid of it, I might be able to get you in touch with somebody who went through it. |
   
Case
Citizen Username: Case
Post Number: 424 Registered: 2-2005
| Posted on Wednesday, October 19, 2005 - 5:11 pm: |    |
Yep, that's a bad one. Here's some background: http://securityresponse.symantec.com/avcenter/venc/data/trojan.elitebar.html http://www.atribune.org/forums/index.php?showtopic=773&hl=pokapoka Here's the program you'll need to download for me: http://www.majorgeeks.com/download3155.html When you get "hijack this" downloaded (the last link above), PM me and I'll walk you through the removal.
|
   
Case
Citizen Username: Case
Post Number: 425 Registered: 2-2005
| Posted on Wednesday, October 19, 2005 - 5:16 pm: |    |
Incidentally, the program "Hijack This" is really not something most of us want to play with... it can have extremely negative results if not handled properly. Here's a good online trojan hunter: http://www.trendmicro.com/cwshredder/ And this is an excellent resource for scanning (sometimes.... if your PC is infected the malware knocks out your antivirus software - an online scanner like this doesn't have that problem): http://housecall.trendmicro.com/
|
   
Gatica
Citizen Username: Katracho
Post Number: 155 Registered: 11-2002

| Posted on Thursday, October 20, 2005 - 9:14 am: |    |
I hate it when Norton does that. Because it could not repair it, then it has to be removed manually. Doable, but it just takes time. If I did not know any better, I'd say it defeats the purpose of having the anti-virus program to begin with. Then again, I don't want to get any of my computers infected with any of the less harmful stuff. Removing spyware: Try using Spybot Search and Destroy and LavaSoft's Ad-Aware. You can get free copies at http://www.download.com. If these two can't clean the spyware, then you may need to run Hijackthis and CWShredder. |
   
Tom Reingold
Supporter Username: Noglider
Post Number: 10214 Registered: 1-2003

| Posted on Thursday, October 20, 2005 - 10:57 am: |    |
Gatica, it's not necessarily Norton's fault. Windows doesn't let you remove a file that is "open" and some viruses are designed to keep the files open all the time. When you are in safe mode, there are few or no irremovable files.
|
   
Gatica
Citizen Username: Katracho
Post Number: 156 Registered: 11-2002

| Posted on Thursday, October 20, 2005 - 11:03 am: |    |
Ah... right. |
   
Case
Citizen Username: Case
Post Number: 430 Registered: 2-2005
| Posted on Thursday, October 20, 2005 - 1:12 pm: |    |
The "good" trojans are actually self-replicating, even in the registry. What that means is you can go into the registry and remove the entry... and the damned thing re-appears at the next boot. Incidentally, that can even occur in Safe mode (but Tom, you're absolutely right that Safe mode will fix 'easier' file issues).
|