Neurotic.12 a???

Discussion in 'malware problems & news' started by ljc1174, Nov 1, 2002.

Thread Status:
Not open for further replies.
  1. ljc1174

    ljc1174 Registered Member

    Joined:
    Aug 15, 2002
    Posts:
    276
    Location:
    Cleveland, Ohio USA
    GAV found Backdoor.Neurotic.12 a, and TrojanDropper.Win32.Joiner...

    I have McAfee, TrojanHunter and ZoneAlarm. I just reinstalled my computer and b4 I even hit the internet I had McAfee on, then trojanhunter then zone alarm, why, how, what the... o_O

    I used TrendMicro the last time I was online (two days ago)! The only thing I d'led today was bitdefender for yahoo and msn.

    Any thoughts?
     
  2. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Check for these files in windows directory ( Neurotic.12 a will added them) c:\inputput.txt c:\WINDOWS\winsystem.sys ,c:\WINDOWS\winsystem.ini !

    Probably a false positive!



    Technodrome
     
  3. ljc1174

    ljc1174 Registered Member

    Joined:
    Aug 15, 2002
    Posts:
    276
    Location:
    Cleveland, Ohio USA
    i don't know where to find it... but the location that GAV says it's in is Computer Cop with is bundled with my Windows Restoration cd's. And the trojandropper is in network assoc.\virusscanengine.

    i've been up since 5, i'll deal with this tomorrow. I had gav set to delete the virus... i'm not sure what it did though and no one is on or awake over on that forum.
    i can't keep my eyes open anymore.
    i'll check back tomorrow.
    g'nite.
     
  4. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    U shouldn't delete that file it’s a false positive from GAV! GAV is in Alpha stage and you should be very carefully with it!


    Technodrome
     
  5. ljc1174

    ljc1174 Registered Member

    Joined:
    Aug 15, 2002
    Posts:
    276
    Location:
    Cleveland, Ohio USA
    well, since nothing has happened, i'm assuming these are false. My pc is still running nicely, so i'd rather not do anything to alter this!

    thnx!
     
  6. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    I take it ZoneAlarm has not prompted on anything trying to connect out?

    Regards
    CrazyM
     
  7. ljc1174

    ljc1174 Registered Member

    Joined:
    Aug 15, 2002
    Posts:
    276
    Location:
    Cleveland, Ohio USA
    oh, that i don't know... i use free za, and my alerts are turned off.

    i'm going to post at gav's forum... he's been pretty good w/helping me.
     
  8. LowWaterMark

    LowWaterMark Administrator

    Joined:
    Aug 10, 2002
    Posts:
    17,842
    Location:
    New England
    Even with firewall alerts off, ZA will still give you alerts on new programs trying to connect to the network, so you would see a popup if a trojan tried to access some site out on the web.
     
  9. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Backdoor.Neurotic.12 backdoor is able to disable ZA! So ZA would be useless in this case!

    You are not infected it’s a false positive!


    Technodrome
     
  10. Gladiator

    Gladiator Guest

    Yes, i did include a wrong scan signature, but this problem is fixed now :D

    We do all for defending Lori's PC :D :D :D

    Gladiator
     
  11. ljc1174

    ljc1174 Registered Member

    Joined:
    Aug 15, 2002
    Posts:
    276
    Location:
    Cleveland, Ohio USA

    How or what do I type to get into the registry or is it the windows directory I have to go into to completely remove Norton?
    I thought I had it all taken care of, but I guess not. Since removing Norton and installing McAfee, I get OE errors when my system boots up and on occasion @ reboot/restart.


    And thanx again Gladiator for the fixes!!! ;)
     
  12. Technodrome

    Technodrome Security Expert

    Joined:
    Feb 13, 2002
    Posts:
    2,140
    Location:
    New York
    Go to START------>RUN, Then type REGEDIT! Highlight My computer and from EDIT click FIND-----> type Norton and after that Type Symantec!

    If you got any other Products from Symatec don't do it! Unless you know what to do....

    Also under Programs (C:\Program Files) delete any remain Symantec or Norton AntiVirus Directory! Look for Common Files and Symantec Shared files!


    Technodrome
     
  13. ljc1174

    ljc1174 Registered Member

    Joined:
    Aug 15, 2002
    Posts:
    276
    Location:
    Cleveland, Ohio USA
    Thank you much Technodrome!!!
     
  14. CrazyM

    CrazyM Firewall Expert

    Joined:
    Feb 9, 2002
    Posts:
    2,428
    Location:
    BC, Canada
    For removing NAV you could check out the following link and RNAV.exe as a first step if you are not comfortable jumping into the registry right away.

    http://service1.symantec.com/SUPPORT/nav.nsf/docid/2001092114452606

    Regards
    CrazyM
     
  15. ljc1174

    ljc1174 Registered Member

    Joined:
    Aug 15, 2002
    Posts:
    276
    Location:
    Cleveland, Ohio USA
    oh, it's done... i'm not worried about it. I've had to re-write my hard drive so much I can do it in my sleep!
    But thanks for the suggestion!

    ~L
     
Thread Status:
Not open for further replies.