Sign In
Create Account
1
I have what I think is an unusual problem...
I need advice on both procedural questions and re-transmission issues.
Here's the overall situation, I will try to be as clear as I can:
I've just replaced NIS '08 with Norton 360 2.0 '09 on my XPsp3 computers. My usual SOP keeps everything updated & scanned.
The new 360 tends to run quick scans and find nothing. Over the years I have downloaded quite a few programs, mostly just utilities & trials from sourceforge or cnet- nothing from the 'underworld'. Never had a virus in the machine before...
I got a big 500G USB hard drive for Christmas, and finally started on something I've long wanted to do- transfer all those old backup CDs and organize them down into a single set of 'keepers'.
I'd gone thru quite a few CDs, and stuff from the smaller HDs on my computers. Some of the CDs (mostly with Stomper-attached adhesive labels) refused to read, but I don't know if that is relevant to this prob.
When I thought to run a full scan on the USB drive, Norton 360 found two .zip files that were 'hiding' Trojan.Killfiles & had quarantined them.
To be totally clear: Both the infected .zip files had the same name; back in 2000 and then again in 2001 the original file had been manually stuck in a backup folder.
Those folders sat inside other folders as backups- never opened or extracted- and eventually were copied off the hard drive onto a CD (as I recall, using the native Windows burner).
While they were on that machine, I had either McAfee or Norton running and nothing was detected.
When I copied off that CD onto the big USB drive, with 360 running, nothing was detected.
When I ran 360 specifically on that drive, it found 2 problem files which it quarantined.
I went to Norton Support online chat, where I was '87 in que' and after a couple hours got somebody in India who was (lets say) unable to help, or even understand.
OK, again to clarify: on the G: USB drive there is a nest of folders... say BACKUPS>OLD BACKUPS>UTILITIES which contains 2 folders BACKUPS 2000 & BACKUPS 2001, each of which contains a folder containing the identical allegedly infected .zip file {oe.exe}.
I've found lots of information & misinformation about the variously named Trojan.Killfiles, which apparently goes back to at least 2003 according to sites like Trend, McAfee, & Norton.
I've disconnected the USB drive, and scanned the computer itself with Trend Housecall, again 360, and now Malwarebytes- nothing is finding evidence of infection.
My Qs include:
* 360 quarantined the files, but apparently has no way to delete them. If I overwrite them with a scrubber program, will that make things better or more difficult to track?
* I use flashdrives to move things between computers. How can I be sure they are clean? Can they infect a computer just be being plugged in? Do different brand have different vulnerabilities?
* Are data files on a CD or DVD scannable while still on the disc? Does ' Close sessions' lock files?
* Is there a possibility I don't have a real problem?
This trojan isn't marked with a .u or anything, unlike modern versions, so I think it is a vintage 'Mark 1' and not something that got in over the net.
No programs seem to find anything to report in RAM or Registry. (However... 360 both 'optimizes' files & 'cleans' the registry, new features over NIS)
* What should I do next?
Thanks guys!
Back to top
