Geekzone: technology news, blogs, forums
Guest
Welcome Guest.
You haven't logged in yet. If you don't have an account you can register now.




3628 posts

Uber Geek
+1 received by user: 174

Trusted

# 19541 20-Feb-2008 21:41
Send private message

I am running an XP computer and recently caught the infostealer.lineage virus.  I only noticed it when I did a scan with the up-to-date Norton anti-virus.  However, it doesn't let me delete it.  I scanned with Spybot but it couldn't find anything.

I have Googled online but most links lead to a product you have to pay to fix the issue.  I have tried scanning in safe mode but again, it wouldn't let me delete it.

Question is - how did it get into my system when I have up-to-date anti-virus loaded? 

Anyway, what I care most right now is how do I fix this?  Thanks in advance!:)

Create new topic
2483 posts

Uber Geek
+1 received by user: 4

Trusted

  # 111957 20-Feb-2008 22:01
Send private message

Strange... If you've got the latest, it should be able to remove it.

Anyway, here are removal instructions by Symantec: http://www.symantec.com/security_response/writeup.jsp?docid=2005-011211-3355-99&tabid=3




Find me on Twitter!

I posted 1, 2 x 10^3 times!



3628 posts

Uber Geek
+1 received by user: 174

Trusted

  # 111971 20-Feb-2008 23:04
Send private message

No luck mate.  Followed the instructions on the website.  A scan finds it but again I cannot delete it.  It says, "Cannot delete an unsupported file".  What to do?

 
 
 
 


312 posts

Ultimate Geek
Inactive user


  # 111989 21-Feb-2008 05:26
Send private message

i use a combination of spyware doctor and avg anti-virus and they work a charm. however u do have to pay for both of them usually...

1785 posts

Uber Geek
+1 received by user: 35

Trusted

  # 111992 21-Feb-2008 06:42
Send private message

i would suggest try another product, I would try Eset NOD32 trial, it gives you 30 days, you may have to uninstall your symantec product first, hope you still got the product key to install it again.

Have found this link http://answers.yahoo.com/question/index?qid=20070929143358AABQNcQ good luck



3628 posts

Uber Geek
+1 received by user: 174

Trusted

  # 112017 21-Feb-2008 09:55
Send private message

I have tried the help from Yahoo! and Symantec but without luck.  Hmm, I think it is embedded in the registry.  Any other ideas? Seems to only happen in XP.  I recently got rid of a similar virus too and had to remove some coding in regedit. 

I would hate to do a reinstall.

2483 posts

Uber Geek
+1 received by user: 4

Trusted

  # 112091 21-Feb-2008 15:30
Send private message

Have you tried to remove the entries listed on the Symantec site yet?




Find me on Twitter!

I posted 1, 2 x 10^3 times!



3628 posts

Uber Geek
+1 received by user: 174

Trusted

  # 112110 21-Feb-2008 17:05
Send private message

manhinli: Have you tried to remove the entries listed on the Symantec site yet?


Yes but I cannot find the following exe files in regedit under HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run

"[Random Name]" = "%ProgramFiles%\rundll32.exe"
"[Random Name]" = "%ProgramFiles%\explorer.exe"
"[Random Name]" = "%ProgramFiles%\Internat.exe"
"[Random Name]" = "%windir%\rundll32.exe"
"[Random Name]" = "%windir%\Internat.exe"

This is highly annoying.  HELP!XD

 
 
 
 


2483 posts

Uber Geek
+1 received by user: 4

Trusted

  # 112115 21-Feb-2008 17:15
Send private message

Symantec sometimes uses general names for similar types of malware - this seems to be one of them.

Just look at what Trend Micro has to say about "Infostealer.Lineage":
A quick search turns up around 90 records under it's database!

So, your variant may require a different approach.

You're gonna have a hard time...




Find me on Twitter!

I posted 1, 2 x 10^3 times!

156 posts

Master Geek


  # 112811 25-Feb-2008 00:25
Send private message

Don't know specifically if my following recomendations will deal with this particular nasty, but they are pretty darned good.
http://freedrweb.com/cureit/ (Standalone scanner/cleaner, no need to uninstall previous AV, usually, runs from the download location, re-download to update, approx 5Mb)
http://www.superantispyware.com/download.html (Superb free or paid versions of this antispyware. Detects many things, including files trying to hide by use of ADS. Pretty much replaced AdAware as the current state of the art scanner.)
http://free.grisoft.com/doc/download-free-anti-rootkit/us/frt/0 (Free AVG antirootkit tool. There are better, but this one is easy to use and interpret. Results of rootkit scans can require a bit of esoteric interpretation.)
Good luck.
(PS, should you ever decide to remove Norton, don't forget to download and use the removal tool following the uninstall.)



3628 posts

Uber Geek
+1 received by user: 174

Trusted

  # 113072 25-Feb-2008 22:23
Send private message

Tarq57: Don't know specifically if my following recomendations will deal with this particular nasty, but they are pretty darned good.
http://freedrweb.com/cureit/ (Standalone scanner/cleaner, no need to uninstall previous AV, usually, runs from the download location, re-download to update, approx 5Mb)
http://www.superantispyware.com/download.html (Superb free or paid versions of this antispyware. Detects many things, including files trying to hide by use of ADS. Pretty much replaced AdAware as the current state of the art scanner.)
http://free.grisoft.com/doc/download-free-anti-rootkit/us/frt/0 (Free AVG antirootkit tool. There are better, but this one is easy to use and interpret. Results of rootkit scans can require a bit of esoteric interpretation.)
Good luck.
(PS, should you ever decide to remove Norton, don't forget to download and use the removal tool following the uninstall.)


Thanks mate, I'll try out the apps and see how they go!:)

156 posts

Master Geek


  # 113073 25-Feb-2008 22:34
Send private message

Welcome. Let me/us know.

Create new topic



Twitter and LinkedIn »



Follow us to receive Twitter updates when new discussions are posted in our forums:



Follow us to receive Twitter updates when news items and blogs are posted in our frontpage:



Follow us to receive Twitter updates when tech item prices are listed in our price comparison site:





News »

Air New Zealand uses drones to inspect aircraft
Posted 17-Jun-2019 15:39


TCL Electronics launches its first-ever 8K TV
Posted 17-Jun-2019 15:18


E-scooter share scheme launches in Wellington
Posted 17-Jun-2019 12:34


Anyone can broadcast with Kordia Pop Up TV
Posted 13-Jun-2019 10:51


Volvo and Uber present production vehicle ready for self-driving
Posted 13-Jun-2019 10:47


100,000 customers connected to fibre broadband network through Enable
Posted 13-Jun-2019 10:35


5G uptake even faster than expected
Posted 12-Jun-2019 10:01


Xbox showcases 60 anticipated games
Posted 10-Jun-2019 20:24


Trend Micro Turns Public Hotspots into Secure Networks with WiFi Protection for Mobile Devices
Posted 5-Jun-2019 13:24


Bold UK spinoff for beauty software company Flossie
Posted 2-Jun-2019 14:10


Amazon Introduces Echo Show 5
Posted 1-Jun-2019 15:32


Epson launches new 4K Pro-UHD projector technology
Posted 1-Jun-2019 15:26


Lenovo and Qualcomm unveil first 5G PC called Project Limitless
Posted 28-May-2019 20:23


Intel introduces new 10th Gen Intel Core Processors and Project Athena
Posted 28-May-2019 19:28


Orcon first to trial residential 10Gbps broadband
Posted 28-May-2019 11:20



Geekzone Live »

Try automatic live updates from Geekzone directly in your browser, without refreshing the page, with Geekzone Live now.


Support Geekzone »

Our community of supporters help make Geekzone possible. Click the button below to join them.

Support Geezone on PressPatron



Are you subscribed to our RSS feed? You can download the latest headlines and summaries from our stories directly to your computer or smartphone by using a feed reader.

Alternatively, you can receive a daily email with Geekzone updates.