Norton found a virus it's "unable to ... Log Out | Lost Password? | Topics | Search
Contact | Register | My Profile | SO home | MOL home

M-SO Message Board » Technology & The Internet » Archive through November 21, 2005 » Norton found a virus it's "unable to repair" « Previous Next »

  Thread Originator Last Poster Posts Pages Last Post
  ClosedClosed: New threads not accepted on this page          

Author Message
Top of pagePrevious messageNext messageBottom of page Link to this message

Soulful Mr T
Citizen
Username: Howardt

Post Number: 975
Registered: 11-2004


Posted on Wednesday, October 19, 2005 - 6:48 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

HIGH RISK, it says.

Trojan.Elitebar at pokapoka76.exe

What can I do? The Virus Alert window won't go away when I click "OK" or try to close the window.

This page has Symantic's description.
http://securityresponse.symantec.com/avcenter/venc/data/trojan.elitebar.html,htt p://securityresponse.symantec.com/avcenter/venc/data/trojan.elitebar.html
Top of pagePrevious messageNext messageBottom of page Link to this message

Network & PC Care
Citizen
Username: Npccare

Post Number: 113
Registered: 5-2005
Posted on Wednesday, October 19, 2005 - 7:11 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Did you try running a scan in safe mode?
Top of pagePrevious messageNext messageBottom of page Link to this message

Soulful Mr T
Citizen
Username: Howardt

Post Number: 976
Registered: 11-2004


Posted on Wednesday, October 19, 2005 - 7:33 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

How do I do that? And will it do more than just identify the threat?
Top of pagePrevious messageNext messageBottom of page Link to this message

Soulful Mr T
Citizen
Username: Howardt

Post Number: 977
Registered: 11-2004


Posted on Wednesday, October 19, 2005 - 7:39 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Also, how do I get the Norton message to close?
Top of pagePrevious messageNext messageBottom of page Link to this message

Bailey
Citizen
Username: Baileymac

Post Number: 35
Registered: 3-2005
Posted on Wednesday, October 19, 2005 - 8:48 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

You should be able to just quit Norton - if not, type control-alt-delete, task manager window pops up, just end task.
To start in safe mode -

Restart the computer.
Some computers have a progress bar that refers to the word BIOS. Others may not let you know what is happening.
As soon as the BIOS loads, begin tapping the F8 key on your keyboard. Do so until the Windows Advanced Options menu appears.
If you begin tapping the F8 key too soon, some computers display a "keyboard error" message. If this happens, restart the computer and try again.
Using the arrow keys on the keyboard, select Safe mode and then press Enter.
Once in Safe Mode, you should try running Norton again.
Top of pagePrevious messageNext messageBottom of page Link to this message

Earlster
Supporter
Username: Earlster

Post Number: 1345
Registered: 8-2003


Posted on Wednesday, October 19, 2005 - 3:45 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

You DON'T WANT PokaPoka on your machine. I never had it myself, but I've seen it.

Make sure not to run the executable, and then delete the file.

If you still can't get rid of it, I might be able to get you in touch with somebody who went through it.
Top of pagePrevious messageNext messageBottom of page Link to this message

Case
Citizen
Username: Case

Post Number: 424
Registered: 2-2005
Posted on Wednesday, October 19, 2005 - 5:11 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Yep, that's a bad one. Here's some background:

http://securityresponse.symantec.com/avcenter/venc/data/trojan.elitebar.html

http://www.atribune.org/forums/index.php?showtopic=773&hl=pokapoka

Here's the program you'll need to download for me:

http://www.majorgeeks.com/download3155.html


When you get "hijack this" downloaded (the last link above), PM me and I'll walk you through the removal.





Top of pagePrevious messageNext messageBottom of page Link to this message

Case
Citizen
Username: Case

Post Number: 425
Registered: 2-2005
Posted on Wednesday, October 19, 2005 - 5:16 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Incidentally, the program "Hijack This" is really not something most of us want to play with... it can have extremely negative results if not handled properly.


Here's a good online trojan hunter:

http://www.trendmicro.com/cwshredder/


And this is an excellent resource for scanning (sometimes.... if your PC is infected the malware knocks out your antivirus software - an online scanner like this doesn't have that problem):

http://housecall.trendmicro.com/
Top of pagePrevious messageNext messageBottom of page Link to this message

Gatica
Citizen
Username: Katracho

Post Number: 155
Registered: 11-2002


Posted on Thursday, October 20, 2005 - 9:14 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

I hate it when Norton does that. Because it could not repair it, then it has to be removed manually. Doable, but it just takes time. If I did not know any better, I'd say it defeats the purpose of having the anti-virus program to begin with. Then again, I don't want to get any of my computers infected with any of the less harmful stuff.

Removing spyware:
Try using Spybot Search and Destroy and LavaSoft's Ad-Aware. You can get free copies at http://www.download.com. If these two can't clean the spyware, then you may need to run Hijackthis and CWShredder.
Top of pagePrevious messageNext messageBottom of page Link to this message

Tom Reingold
Supporter
Username: Noglider

Post Number: 10214
Registered: 1-2003


Posted on Thursday, October 20, 2005 - 10:57 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Gatica, it's not necessarily Norton's fault. Windows doesn't let you remove a file that is "open" and some viruses are designed to keep the files open all the time. When you are in safe mode, there are few or no irremovable files.
Top of pagePrevious messageNext messageBottom of page Link to this message

Gatica
Citizen
Username: Katracho

Post Number: 156
Registered: 11-2002


Posted on Thursday, October 20, 2005 - 11:03 am:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

Ah... right.
Top of pagePrevious messageNext messageBottom of page Link to this message

Case
Citizen
Username: Case

Post Number: 430
Registered: 2-2005
Posted on Thursday, October 20, 2005 - 1:12 pm:   Edit PostDelete PostPrint Post   Move Post (Moderator/Admin Only)

The "good" trojans are actually self-replicating, even in the registry. What that means is you can go into the registry and remove the entry... and the damned thing re-appears at the next boot.

Incidentally, that can even occur in Safe mode (but Tom, you're absolutely right that Safe mode will fix 'easier' file issues).

Topics | Last Day | Last Week | Tree View | Search | User List | Help/Instructions | Credits Administration