Not what you were looking for? Ask our experts!
Reply
Newbie
thebest
Posts: 3
Registered: ‎03-17-2013
Accepted Solution

I think I have a virus: Norton isn't helping

So, I believe I have a virus of some type. I think it might be a trojan/keylogger, so I am typing this up on a separate computer.

The story:

I downloaded a game from this link (thepiratebay.se/torrent/7071588/Empire_Earth_2_Gold_Edition_[GOG]). I know it is TBP. I try games out, if I like them I buy them (being serious). It had reviews and many seeders, so it seemed fine. But that is not the point of this thread...

 

So anyway, I downloaded it, and it seemed fine. Passed the scan and whatnot. I open to try and install it, and a screen pops up saying "Checking File integrety". Right when the progress bar loaded, my computer got a blue screen. The error was long, and I believe it was a memory error. It said something about a required system file, although I don't know exactly what it said. My computer has a history with blue screens, so this is nothing new nessarily. I restarted a few times, it seems a bit slower, but still OK. later, I started getting random errors in other programs. I tried to run an install program, and got a memory error stating that an address was invalid. A few minutes later, I got an error in Norton Internet security, stating an unknown error happened (it was 4 numbers, might have been something like 3058). I thought maybe the program wasn't a virus, and instead was just a bad install program that caused a chain-like reaction and messed up my RAM. I tried to do a system restore to 1 month ago, but I got an error near the end of it, saying that it had failed with an unknown error, which was the same error the blue screen gave me. Very strange. The system restore did restore my registry and files, so I think it might have failed when it got to that bad system file.

 

I decided that this might indeed be a virus because it could be preventing a system restore, so I did a full system scan using Norton. 90% through the system scan, I got another error involving I/O in memory. My desktop only had the background picture, and all the other programs seemed to quit. I tried to start task manager, but when I did Ctrl+Alt+Del, it said it couldn't do it, and I should restart the computer. I did, and once again it just seemed a bit slower than normal.

 

I downloaded Norton's Power scan tool, but that didn't find anything either. I looked through all the processes and services, and didn't find anything strange (I keep note of what normally runs). I didn't see anything that suggested memory injection into something like windows explorer (I keep track of how much programs normally run in terms of RAM).

 

So I decided to look at the logs in Norton, and Low and Behold, I find the logs for the Firewall- Netowork/Connections filled since I started installing the game. Most of these logs just say "Protecing your connection to a newly detected network on adapter 'Teredo Tunneling Pseudo-Interface' (IP address: fe80::837:3fa8:9d23:49e4%22)." One of the logs says: "Connected to a shared network. (20 4E 7F 97 8D C8 is the Gateway Physical Address).

This has raised my suspision that it is indeed a virus.

 

Any help is welcome. I don't care what it is. Any questions are welcome.

 

TL;DR: Basically I have a virus that I don't know how to get rid of, and I need help.

mp3jo
Posts: 1,471
Topics: 269
Kudos: 100
Solutions: 113
Registered: ‎06-27-2009

Re: I think I have a virus: Norton isn't helping

Hi,

 

You can go to one of the malware forums like

 http://www.bleepingcomputer.com

 http://forums.whatthetech.com/

Cheers,
Jo

Graduate of the WTT Classroom

SendOfJive
Posts: 10,816
Kudos: 4,862
Solutions: 780
Registered: ‎02-07-2009

Re: I think I have a virus: Norton isn't helping

[ Edited ]

thebest wrote:

So I decided to look at the logs in Norton, and Low and Behold, I find the logs for the Firewall- Netowork/Connections filled since I started installing the game. Most of these logs just say "Protecing your connection to a newly detected network on adapter 'Teredo Tunneling Pseudo-Interface' (IP address: fe80::837:3fa8:9d23:49e4%22)." One of the logs says: "Connected to a shared network. (20 4E 7F 97 8D C8 is the Gateway Physical Address).

This has raised my suspision that it is indeed a virus.


The firewall logs don't seem to be anything to worry about.  Connecting to your gateway is normal, and the "Shared" network simply indicates Norton's trust level for a network on which you have sharing enabled.  The Teredo Tunneling entry is also normal.  System Restore may have failed if you did not disable Norton Product Tamper Protection before attempting to restore.  You could turn off Tamper Protection and retry.

Newbie
thebest
Posts: 3
Registered: ‎03-17-2013

Re: I think I have a virus: Norton isn't helping

@SendOfJive do you believe it is a virus? Thank you for reading the whole thing, and thanks for the answer. It is good to know that it is normal for that to happen.
@mp3jo thanks for the links :)
SendOfJive
Posts: 10,816
Kudos: 4,862
Solutions: 780
Registered: ‎02-07-2009

Re: I think I have a virus: Norton isn't helping


thebest wrote:
@SendOfJive do you believe it is a virus? Thank you for reading the whole thing, and thanks for the answer. It is good to know that it is normal for that to happen.

This would not be the sort of thing that a virus would do by design, but certainly if an attempted installation corrupted your system, you might have these issues.  The problems you are seeing would not necessarily imply an infection - there are many things that could cause the sort of instability you are having.  SInce you were having a history of blue screens anyway, which is not normal, it may be that something is failing.  You certainly ought to back up all of  your important personal data to an external drive or other media, just to be safe.

Newbie
thebest
Posts: 3
Registered: ‎03-17-2013

Re: I think I have a virus: Norton isn't helping

Yeah they happened the day I got it. I believe the graphics card is above the heqt sink, and it overheats if I don't handle it right. Good to hear though. It does have some stability problems I guess. Thanks for the help, I appreciate it :)
SendOfJive
Posts: 10,816
Kudos: 4,862
Solutions: 780
Registered: ‎02-07-2009

Re: I think I have a virus: Norton isn't helping

You're welcome.