Nortons message

  • Thread starter Thread starter Another Dave
  • Start date Start date
A

Another Dave

I am still struggling to remove all the Spy Trooper Trojans.

At start-up a window pops up saying "Norton antivirus does not support
the repair" and to uninstall and reinstall Nortons.

Is this a genuine Nortons message or is it being caused by the Trojan
-- which I am sure would love me to uninstall Nortons?

Nortons tells me that the computer is infected by a file called
hpd764.tmp which is in windows\system32 and it cannot repair or remove
this.

Any advice gratefully received,
 
Another said:
I am still struggling to remove all the Spy Trooper Trojans.
Click to expand...

There comes a point where it's probably less effort to just vape the
install and start again from scratch. That way you know that you'll be
malware free from the start.
 
Another Dave said:
I am still struggling to remove all the Spy Trooper Trojans.

At start-up a window pops up saying "Norton antivirus does not
support
the repair" and to uninstall and reinstall Nortons.

Is this a genuine Nortons message or is it being caused by the
Trojan
-- which I am sure would love me to uninstall Nortons?

Nortons tells me that the computer is infected by a file called
hpd764.tmp which is in windows\system32 and it cannot repair or
remove
this.

Any advice gratefully received,
Click to expand...

Some malware requires a customized procedure to fully remove. Unless
you have Version 10 or later of Norton AV, it won't track this kind of
thing at all, and even then it typically takes some time to develop a
cleanup. As of now, there is nothing about "Spy Trooper" on their
site. But have a look here:

http://www.geekstogo.com/forum/index.php?act=ST&f=37&t=76880

This is a site with some very knowledgeable folks, and I think that if
you take the time to follow the procedure carefully there's a good
chance this might work for you. In light of some other suggestions in
this thread, I'd pay particular attention to the recommendation at
geskstogo that you NOT enable System Restore until your system is
completely clean again. Also, that you download and install the trial
AV programs suggested for now before trying to reinstall Norton.
 
Nortons tells me that the computer is infected by a file called
hpd764.tmp which is in windows\system32 and it cannot repair or remove
this.

Any advice gratefully received,
Click to expand...

One method for deleting 'stubborn' files in XP:
open a command shell
open task manager and kill the explorer.exe process
manually delete the file in question from the command prompt
restart explorer from the command line.

This often works, but may not in your case if another process keeps that
file locked.

You can also download process explorer and file explorer from
sysinternals.com and see if you can find out who owns that tmp file -
that would be your virus {given that the thing really IS a virus}.

-P.
 
Another said:
I am still struggling to remove all the Spy Trooper Trojans.

At start-up a window pops up saying "Norton antivirus does not support
the repair" and to uninstall and reinstall Nortons.

Is this a genuine Nortons message or is it being caused by the Trojan
-- which I am sure would love me to uninstall Nortons?

Nortons tells me that the computer is infected by a file called
hpd764.tmp which is in windows\system32 and it cannot repair or remove
this.

Any advice gratefully received,
Click to expand...

You will need to download a specific removal tool as indicated in your other
thread on this same topic. Avoid tools from companies you have never heard of.
 
Mark Robinson said:
You will need to download a specific removal tool as indicated in
your other thread on this same topic. Avoid tools from companies you
have never heard of.
Click to expand...

In general, I agree with you that it's best to rely on proven sources
for tools like this. Unfortunately, I think you'll find that you
misread the Google snippets you quoted in the other thread: neither
Symantec nor BitDefender currently have a removal tool for Spy
Trooper, and none are even promised at this point.
 
Some viruses disable the AV program
some malware is incorrectly detected by AV programs

some options
remove the HD, set it up as 2nd HD in another PC & then scan it
try an online scanner (I recommend KAV)
download another av proggy & install & scan the HD


Make sure you note the name of the virus found as you may need to do some
manual virus removal (ie registry entries etc). Most AV sites will tell you
how to do this (The symantec site is very good)
 
S Roby said:
Some viruses disable the AV program
some malware is incorrectly detected by AV programs

some options
remove the HD, set it up as 2nd HD in another PC & then scan it
try an online scanner (I recommend KAV)
download another av proggy & install & scan the HD


Make sure you note the name of the virus found as you may need to do some
manual virus removal (ie registry entries etc). Most AV sites will tell you
how to do this (The symantec site is very good)
Click to expand...

If you don't have a second machine, you could also try using a
BartPE boot disk (CD) with a plugin for one of the free A/V
utilities on it. That allows you to boot/run (sort of) from the CD
without anything on the disk you are checking "running" - you can
scan it that way and find things that manage to hide themselves
when windows is running from that disk.

Check out the following:
http://www.nu2.nu/pebuilder/
http://www.irongeek.com/i.php?page=security/pebuildertutorial
http://www.ubcd4win.com/

mikey
 
Back
Top