Big Problems installing Norton:(

Question

Sup guys I hav spent the past three days trying to get rid this virus i hav on my PC. I just bought Norton yesterday and tried to install it but my PC continues to freeze. Someone told me I can download Norton in safe mode but Norton told me I hav to download in normal mode. So I went back to normal mode and my PC keeps freezing when I try to download the software. Is there any other way around this?? Can I download Norton in safe mode?? I really need help guys any info will be greatly appreciated.

Midnight Star · Answer

cassio,

I haven't tried this, so Jim or John might know for sure, but i'm wondering if your directly connected to the internet using ethernet, if you could use "Safe Mode with Networking"? Don't know if 'winsock' is loaded or not at that point.

If you can run HiJackThis, post up a log and we'll see if we can locate the problem file.

Mike.

cassio83 · Answer

hi thx for repling:) first thing is what is hi jacking? I ive been hearing alot about it lately. I used safe mode with networking and that didnt work either. Im connected through my router with DSL. Another question is what is winsock? ok thx guys.

Midnight Star · Answer

cassio,       'Hijacking' is where a program or program(s) gets installed on your computer, without your permission or knowledge, that will translate what you want to see, into what it want's you to see. For example, each time you turn your computer on, your forced to start off with a 'search' webpage, instead of a home page of your choosing. If you try to change it, it will force you back to what it wants.       In a sense, it takes ownership and control of your computer (personal property), away from you, and puts it in the hands of the person who wrote the program(s).       Many times the code is so poorly written, or written in a non-optimized programming language, system slowdowns, or strange error messages, are the main symptoms of an 'infection'.         Winsock is a series of programs, we'll call them protocols since this is their function, that allows data to be sent and received over the internet.       If you try to send a webpage request, and the winsock chain is broken (a program is missing in the list) then more than likely the request cannot be completed. It's structured like a work environment, where, let's say that the worker is the lowest level in the chain, and the supervisor is the highest. Let's assume again that the only communication up and down the chain are written memos. If someone in the chain isn't there, then there's no way for the memo to go any farther - so the receiver will never get the message.       Winsock is like that. It's a series of linked programs that will pass internet packets either up or down the ' winsock chain' (to or from your computer). Some programmers realized that they could intercept these data packets and do whatever they wanted, like re-writing them. So now, when a webpage is displayed, there's added links and other garbage not contained in the original works (the webpage). Or intercept your request for GOOGLE and change it to a search engine of their choice...       ... all this, without a way for you to undo it.        Now, what's even more interesting, is, since marketing is alot cheaper on the internet (less overhead), a company can get massive exposure by having the many thousands of website owners provide links to their products on the website owner's webpages; porn links are known for this.        So let's provide the incentive...        If you provide a link to their products on your webpage (so when other people go to your site, they see someone elses products - this uses your reputation to sell their junk!), and someone clicks on the link you've provided (a click through - it's called), then you'll get .05 cents. So, if you consider the amount of traffic that can be generated by a well known website, that adds up to some big, big bucks really fast! Think about it, the computer is doing all the work, and your cashing the check! Now what's the contribution to society as a whole ... nothing.       So what do you do if your not well known, and want to make a fast buck. The answer: write a hijacker program. That way, thousands, upon thousands of computers will all default to a website that each time you click a link, they'll get .05 cents. Sounds really good doesn't it ... and it's all at your expense. Shouldn't you get a portion of the proceeds since their using your computer to make themselves money? Without your permission?     You can also learn alot by simply doing a GOOGLE on 'winsock' and 'hijacker' 'what is it'.   I hope some of that helps,   Mike.

cassio83 · Answer

ok mike thx a ton:) im gonna try both of those methods right now. I did a free scan already and the scan said I had a W32 Spybot Worm virus. :( ok im gonna see how this goes thx.

cassio83 · Answer

sup mike thx for great info u just gave me, i greatly appreciate it:) Im going to school right now to learn this stuff and for my computer to be in this horrific condition.... this is a very good learning experience for me. All of those symptoms were on my PC before It had worsened. So what are my options to getting rid of this virus? I cant install Norton in normal version cuz my PC keeps freezing:( And I've tried in safe mode. My professor told me there is a way I can install Norton on system in safe mode. I've emailed him asking how but haven't gotten a response yet. So is there a way to install Norton in safe mode? Are there any settings I have to change to install Norton in safe mode? thanks for giving me your time.

Message Edited by cassio83 on 11-12-2004 01:24 PM

Message Edited by cassio83 on 11-12-2004 01:25 PM

Midnight Star · Answer

cassio,       If your system freezes when booting into normal mode, try booting into ' Last known good configuration'.       Try selecting a ' System Restore' point to go back to from ' Safe Mode'.       HiJackThis is small enough to put on a floppy diskette, then after your computer if booted up into ' Safe Mode', just run it directly from the floppy.       I've helped someone else run Norton's from ' Safe Mode'; some things won't work like MBR checking - but the scan seemed to run. I haven't done this before on my system, so I can tell you whether it will work, or whether, if it finds something, it's able to succesfully remove it.       Mike.

Midnight Star · Answer

cassio,   I'm studying registry stuff right now ...  :)   You might try the ' Free Online Scan' available at www.trendmicro.com and see if it can flush it out.   Also consider posting up a HiJackThis log for me to look at. I might be able to locate the problem, if it's currently running or starting up on your pc.   Mike.

cassio83 · Answer

ok how do i run hi jackthis to show what the problem is? Also how does the system restore point work?

cassio83 · Answer

Hey Mike I tried to put HiJackThis log on the thread but it was too long for the thread. How can I get it on here without using too many characters?

Midnight Star · Answer

cassio, How's school coming along? ok how do i run hi jackthis to show what the problem is? Also how does the system restore point work? Note quite sure just yet, but my studies are getting me there ... :)   I'd venture a guess at this point, that it makes copies of the main registry files, passed that point, which system or application programs are backed up and why, not sure.  Hey Mike I tried to put HiJackThis log on the thread but it was too long for the thread. How can I get it on here without using too many characters? Try removing the extra carriage returns between the entry(s), or load it up in note pad and uncheck 'Format/ Wordwrap'., then 'Edit/Select all'. If it's still too large, try breaking it up into multiple posts. If your not sure, PM me and i'll send you my e-mail address where you can send me the log as an attachment. Mike.       11-14-2004 02:15 PM

Virus & Spyware

Was this post helpful?