New computer, a virus already? Urgent

ahenderson's Avatar
Junior Member with 8 posts.
 
Join Date: May 2008
22-May-2008, 11:38 AM #1
New computer, a virus already? Urgent
Hello, I am new and I have an urgent question. Please reply ASAP, thanks. I am running Windows Vista / IE 7 (obviously :-)

During a Spysweeper scan, I received these messages:

Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 1 round of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 2 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 3 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 4 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 5 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 6 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 7 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 8 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 9 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 10 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 11 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 12 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 13 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 14 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 15 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 16 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 17 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 18 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 19 rounds of disinfection.
Informational: File C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE still infected with virus Mal/Generic-A after 20 rounds of disinfection.
Informational: Virus infected file C:\USERS\PAIGEYGIRL\APPDATA\LOCAL\TEMP\SYMLCSV1.EXE not cleaned.
--------------------------------------------

What ticks me off is that Norton states that everything is at risk because the trial period ended. But I purchased all features of Norton and it states good until March 2009, yet everything shows at risk now, and I have apparently been infected, from what Spysweeper is stating.

What the heck would cause this? AND now, what should I do to clean?

I am a greenhorn, and do not know what to do.




Thanks



Drew
Esbenovich's Avatar
Member with 69 posts.
 
Join Date: Nov 2007
Location: Denmark
Experience: Intermediate
22-May-2008, 12:15 PM #2
Well, maybe I can help you with the Norton part; my mother had the same problem. We couldn't find out what was wrong, since the license definitely hadn't run out already.
But we found a CD with Norton on it that came with the PC. Apparently the manufacturer had only installed a trial of Norton, so when we installed Norton from the CD everything worked.

By the way, this should be in the malware removal & HJT logs forum.
__________________
If anybody calls out NERD!! I always turn my head
Elvandil's Avatar
Moderator with 48,924 posts.
 
Join Date: Aug 2003
Location: Vermont
Experience: "Been through the mill."
22-May-2008, 12:41 PM #3
Try an online scan (TrendMicro), or try cleaning in Safe Mode.

See if the process is running in Task Manager and terminate it.
ahenderson's Avatar
Junior Member with 8 posts.
 
Join Date: May 2008
22-May-2008, 01:15 PM #4
That is GREAT information for me! Thanks very much. I think I have a Norton CD? But I can't remember now that I think of it. I will check. This makes me not like Norton. I logged into my Norton Account and see that I am showing active until March of 2009. Weird?
ahenderson's Avatar
Junior Member with 8 posts.
 
Join Date: May 2008
22-May-2008, 01:17 PM #5
Thank you! I will do what you said here. Also, do I need to change passwords and stuff? I am not familiar with viruses; does this look like it could do damage?
Elvandil's Avatar
Moderator with 48,924 posts.
 
Join Date: Aug 2003
Location: Vermont
Experience: "Been through the mill."
22-May-2008, 01:25 PM #6
It's hard to say what the virus may do, but getting rid of it as soon as possible will limit any damage.

Here is some info:

http://www.sophos.com/security/analy...lgenerica.html
with instructions for removal.

More:

http://www.trendmicro.com/vinfo/viru...&id=MAL_EMESEN

Norton, besides being a resource hog, is so popular that many viruses inactivate it to protect themselves. The free AV's are as good (I think better).

Free online virus scan:

http://housecall.trendmicro.com/

The virus has a "low" risk rating, so I wouldn't worry about passwords and such yet. But often, when there is one, there is more.

You might want to go to the Malware forum, post a log according to the instructions there, and get expert help with cleaning.
__________________
Microsoft MVP
異驚の界世 ˇpןɹoʍ ǝɥʇ ɟo sɹǝpuoʍ ǝɥʇ ɟo ǝuo sı ǝpoɔıun ʞuıɥʇ ı

Last edited by Elvandil; 22-May-2008 at 01:35 PM..
gr277's Avatar
Member with 49 posts.
 
Join Date: Jan 2008
Location: Kent, UK
Experience: Home User
22-May-2008, 01:30 PM #7
Quote:
Originally Posted by Elvandil

Norton, besides being a resource hog, is so popular that many viruses inactivate it to protect themselves. The free AV's are as good (I think better).
I wouldn't touch Norton with a barge pole.....
lunarlander's Avatar
Senior Member with 3,492 posts.
 
Join Date: Sep 2007
22-May-2008, 02:07 PM #8
Since it says that the infection is not cleaned, maybe it is still running. Try booting into Safe Mode with Networking (hit F8 after the memory-counting BIOS screen when booting) and run the online scan that way.
valis's Avatar
Moderator with 48,702 posts.
 
Join Date: Sep 2004
Location: as above
Experience: so below
22-May-2008, 02:55 PM #9
Just for kicks and grins, you may want to post an HJT log to have an expert parse it as well. As follows:

CLICK HERE to download the HijackThis Installer:
1. Save HJTInstall.exe to your desktop.
2. Double-click on HJTInstall.exe to run the program.
3. By default it will install to C:\Program Files\Trend Micro\HijackThis.
4. Accept the license agreement by clicking the "I Accept" button.
5. Click on the "Do a system scan and save a log file" button. It will scan and then ask you to save the log.
6. Click "Save log" to save the log file and then the log will open in Notepad.
7. Click on "Edit -> Select All" then click on "Edit -> Copy" to copy the entire contents of the log.
8. Come back here to this thread and paste the log in your next reply.
9. Do NOT have HijackThis fix anything yet! Most of what it finds will be harmless or even required.
__________________
Microsoft M.V.P. - Windows IT Professional | M.C.S.A. | M.C.P. - MS Server 2k3 | blog | rate me

"Ask Bill why the string in function 9 is terminated by a dollar sign. Ask him, because he can't answer. Only I know that". - Gary Kildall
ahenderson's Avatar
Junior Member with 8 posts.
 
Join Date: May 2008
22-May-2008, 04:33 PM #10
Thanks SO much for the advice, words of wisdom
valis's Avatar
Moderator with 48,702 posts.
 
Join Date: Sep 2004
Location: as above
Experience: so below
22-May-2008, 06:05 PM #11
Well, seeing as how I see these every day on another site, I'd kinda recommend it.

But if you choose not to do so, it is, after all, your PC.
All times are GMT -4.