- Joined
- Jun 28, 2008
- Messages
- 2,557
- Reaction score
- 571
- Location
- SE Michigan
- Website
- www.bofexler.blogspot.com
I figure I'll ask here since Google hasn't gotten me what I need to know.
The situation is this-- I've taken over the computers at my school. The alt ed program where I work is very much treated like the bastard child-- no one acknowledges us unless they *have* to and getting help on anything is a challenge of epic proportions. So... anything I do to the computers is authorized by my boss, but not by the districts tech department. Anything I screw up... is very very bad. I also don't have access to the Windows Install.
Now, one of our happy computers decided to be a suburb of Troy and picked itself up the Vundo Trojan. Nasty little thing. Surprisingly, of the three other computers who think they're in Troy, this time it was actually detected by the district's Symantec scanner. Symantec couldn't clean it, but Avira got the guts of the Trojan out. I went and got Malware Bytes which cleaned the registry keys. All is good, right? Now Malware Bytes, Avira, even Symantec all agree the computer is clean.
However, on restart, soon as I log in as admin, Symantec finds a piece of the Trojan and cleans it off. Every single time! It appears to find this infection in Program Files/Symatec/ savrt/0000NAV~.tmp
Now, the system seems to run fine except for this little problem on reboot. And honestly, it's almost a non-issue because the students log in as guest not adming and now I have Windows Steady State on all the machines (shhhh.) (Thanks to whoever it was that mentioned that!) But it bothers me because it's not right.
Now, while I'm willing to do registry hacks or download things (so long as I can uninstall them later and cover my tracks), I really don't want to screw up the computer if I can help it. Oh yeah-- no restore point either. No access to Windows Installer. And it's running WinXP Pro.
Okay, short story long-- what's the best course(s) of action to get this stupid detection to stop detecting?
Thanks as always. And don't tell anyone that I've taken over the computers. Someone needed to love and care for them!
The situation is this-- I've taken over the computers at my school. The alt ed program where I work is very much treated like the bastard child-- no one acknowledges us unless they *have* to and getting help on anything is a challenge of epic proportions. So... anything I do to the computers is authorized by my boss, but not by the districts tech department. Anything I screw up... is very very bad. I also don't have access to the Windows Install.
Now, one of our happy computers decided to be a suburb of Troy and picked itself up the Vundo Trojan. Nasty little thing. Surprisingly, of the three other computers who think they're in Troy, this time it was actually detected by the district's Symantec scanner. Symantec couldn't clean it, but Avira got the guts of the Trojan out. I went and got Malware Bytes which cleaned the registry keys. All is good, right? Now Malware Bytes, Avira, even Symantec all agree the computer is clean.
However, on restart, soon as I log in as admin, Symantec finds a piece of the Trojan and cleans it off. Every single time! It appears to find this infection in Program Files/Symatec/ savrt/0000NAV~.tmp
Now, the system seems to run fine except for this little problem on reboot. And honestly, it's almost a non-issue because the students log in as guest not adming and now I have Windows Steady State on all the machines (shhhh.) (Thanks to whoever it was that mentioned that!) But it bothers me because it's not right.
Now, while I'm willing to do registry hacks or download things (so long as I can uninstall them later and cover my tracks), I really don't want to screw up the computer if I can help it. Oh yeah-- no restore point either. No access to Windows Installer. And it's running WinXP Pro.
Okay, short story long-- what's the best course(s) of action to get this stupid detection to stop detecting?
Thanks as always. And don't tell anyone that I've taken over the computers. Someone needed to love and care for them!