Tonymandala
Posts: 12 +0
Hello,
I am trying to fix a friends computer.
They were running an out of date version of Norton.
Win XP Home sp2.
There is a popup from the system tray with big red cross "Spyware has been detected...click here and windows will download the latest antispyware program"
I tried to install AVG but it would not install in normal or safe mode.
I managed to install C Cleaner in safe mode, cleaned all the cookies & temp files and stopped all non essential startups.
I Loaded some programs to a folder on C drive and tried to run them in safe mode.
vcleaner & Sophos, detected nothing.
Hijack this would not run
Fix blast nothing, etc...
After some hours of wathcing the file names flick before my eyes
i took the "House Call" online check and eventually it found a Trojan but stupidly i didnt write down the name (something like EULO Trojan ??) i clicked delete and re-booted, all pleased with myself, only to find the problem persisted !
I ran another Housecall scan of the system32 folder and found a file "karin.dat"
I deleted this but it just comes back again.
In my frustration i then did something stupid, yes i clicked the popup !
It installed something claiming to be windows security center, put an icon on my desktop just like a real program.
I can now no longer connect to the internet at all or install anything.
I am going to try TechSpot Trojan remover program but fear it won't install.
Do any of you knowledgable folk know where the originating file might be or what it is called, don't see anything on root "C". Housecall didn't pick up anything in the Docs & Settings folder.
Searching for "Karin Trojan " just turns up "SpyNoMore" but i'm not sure if that is good ?? Is this brand new perhaps ?
I have seen the list of progs to try in other posts but i fear they won't install.
I am toying with the idea of putting the drive in my computer and running them but thats a bit frightening !! Perhaps you know of another program i can run from CD in safe mode ?
Its a Compaq and has the possibility to re-install windows but i think that doesn't delete user documents so may not solve the problem ?
Hope someone can help, Thanks in advance, Tony
I am trying to fix a friends computer.
They were running an out of date version of Norton.
Win XP Home sp2.
There is a popup from the system tray with big red cross "Spyware has been detected...click here and windows will download the latest antispyware program"
I tried to install AVG but it would not install in normal or safe mode.
I managed to install C Cleaner in safe mode, cleaned all the cookies & temp files and stopped all non essential startups.
I Loaded some programs to a folder on C drive and tried to run them in safe mode.
vcleaner & Sophos, detected nothing.
Hijack this would not run
Fix blast nothing, etc...
After some hours of wathcing the file names flick before my eyes
i took the "House Call" online check and eventually it found a Trojan but stupidly i didnt write down the name (something like EULO Trojan ??) i clicked delete and re-booted, all pleased with myself, only to find the problem persisted !I ran another Housecall scan of the system32 folder and found a file "karin.dat"
I deleted this but it just comes back again.
In my frustration i then did something stupid, yes i clicked the popup !
It installed something claiming to be windows security center, put an icon on my desktop just like a real program.
I can now no longer connect to the internet at all or install anything.
I am going to try TechSpot Trojan remover program but fear it won't install.
Do any of you knowledgable folk know where the originating file might be or what it is called, don't see anything on root "C". Housecall didn't pick up anything in the Docs & Settings folder.
Searching for "Karin Trojan " just turns up "SpyNoMore" but i'm not sure if that is good ?? Is this brand new perhaps ?
I have seen the list of progs to try in other posts but i fear they won't install.
I am toying with the idea of putting the drive in my computer and running them but thats a bit frightening !! Perhaps you know of another program i can run from CD in safe mode ?
Its a Compaq and has the possibility to re-install windows but i think that doesn't delete user documents so may not solve the problem ?
Hope someone can help, Thanks in advance, Tony
