For starters, you might want to post this question to the
following newsgroup:
Discussions in Security Virus
http://support.microsoft.com/newsgr...dg=microsoft.public.security.virus&sloc=en-us
In researching the Bla trojan, I've come across many references
to it being a false postive reported by Norton. That said,
here's two courses of action you can try.
Options # 1, Major surgery:
Keep in mind that the only way to be 100% certain that you've
removed any sort of virus/trojan/worm is to wipe out the entire
hard drive and start from scratch. That means removing all the
partitions, including the hidden Dell partition, partitioning
the hard drive, formatting the drive and reinstalling Windows.
The first thing to do after installing Windows is to install
your AV software and get the Windows Firewall running. Don't go
on the internet until you've got some protection in place.
Update your AV software first, then update Windows. Once those
steps are completed, reinstall your applications and whatever
data you salvaged from the old system. I'd be very careful as
far as importing old email messages. Odds are, that's how your
computer got infected in the first place.
Option #2, Minor surgery:
Here are some online scanners. All of them require ActiveX
downloads. Hopefully, they won't be blocked.
Run both the AntiVirus and the AntiSpyware scan on this site:
http://housecall.trendmicro.com/
Click on the "Scan your PC button" while holding down the CTRL
key (to override any popup stoppers):
http://www.pandasoftware.com/products/activescan/com/activescan_principal.htm
McAfee FreeScan
http://us.mcafee.com/root/mfs/default.asp?WWW_URL=www.mcafee.com/myapps/mfs/default.asp
Symantec Security Check
http://security.symantec.com/sscv6/default.asp?productid=symhome&langid=ie&venid=sym
If you're unable to run any of these scans go to this web site
and follow the procedures outlined there:
http://www.claymania.com/removal-trojan-adware.html
Finally, go to this web site and download HijackThis:
HijackThis 1.99.1
http://www.merijn.org/files/hijackthis.zip
Run the program and save the log. There are a number of web
sites where HijackThis logs should be posted. Here are some of
the more popular ones:
CastleCops HijackThis Forum
http://castlecops.com/f67-Hijackthis_Spyware_Viruses_Worms_Trojans_Oh_My.html
Aumha Forums - HijackThis Logs
http://forum.aumha.org/
HijackThis Logs and Analysis
http://www.bleepingcomputer.com/forums/HijackThis_Logs_and_Analysis-f22.html
HijackThis Logs and Spyware/Malware Removal
http://forums.tomcoyote.org/index.php?showforum=27
Spyware Warrior HijackThis Logs
http://spywarewarrior.com/viewforum.php?f=5
These forums are staffed by volunteers who have demonstrated
their ability to interpret these logs and provide safe and
helpful assistance. Also, the forums are moderated, adding a
degree of assurance that the advice given is valid. Please do
not post a HijackThis log on one of these newsgroups. You have
no guarantee that the advice given would not make a bad
situation worse.
Good luck.
Nepatsfan
