Virus that reverts virus defs.

  • Thread starter Thread starter nole1
  • Start date Start date
N

nole1

My wife's computer has a virus. The virus kicks her out of IE, attacks
norton AV by reverting virus definitions back to 9-15-05, and a few
other things.
I tried to goto norton.com on my other computer, download the latest
virus defs manually then pass them to the other computer and install
them. It worked, but the it just reverted them back, and corrupted the
file.

If i could only find out the name of the virus I could fix it, but I
have found nothing about it on the internet, and I'm not able to do
any online scans because the virus won't let me download or stay in IE
long enough to download the files.

If anybody could help, I'd greatly appreciate it.
 
From: <[email protected]>

| My wife's computer has a virus. The virus kicks her out of IE, attacks
| norton AV by reverting virus definitions back to 9-15-05, and a few
| other things.
| I tried to goto norton.com on my other computer, download the latest
| virus defs manually then pass them to the other computer and install
| them. It worked, but the it just reverted them back, and corrupted the
| file.
|
| If i could only find out the name of the virus I could fix it, but I
| have found nothing about it on the internet, and I'm not able to do
| any online scans because the virus won't let me download or stay in IE
| long enough to download the files.
|
| If anybody could help, I'd greatly appreciate it.

I know of no malware that does this but... while unlikley, it is possible.

My suggestion is to remove NAV completely and install Kaspersky or NOD32 instead.
 
From: <[email protected]>

| My wife's computer has a virus. The virus kicks her out of IE, attacks
| norton AV by reverting virus definitions back to 9-15-05, and a few
| other things.
| I tried to goto norton.com on my other computer, download the latest
| virus defs manually then pass them to the other computer and install
| them. It worked, but the it just reverted them back, and corrupted the
| file.
|
| If i could only find out the name of the virus I could fix it, but I
| have found nothing about it on the internet, and I'm not able to do
| any online scans because the virus won't let me download or stay in IE
| long enough to download the files.
|
| If anybody could help, I'd greatly appreciate it.

I know of no malware that does this but... while unlikley, it is possible.

My suggestion is to remove NAV completely and install Kaspersky or NOD32 instead.
Click to expand...

Can i install those 2 over the top of NAV?
 
From: <[email protected]>


|
| Can i install those 2 over the top of NAV?

No. You can have only one fully installed anti virus application performing "on Access"
running on the computer. Both of the suggested applications are much better then NAV.

Personally, I think this is a problem with NAV and not a virus casing what you described. I
may be wrong but, that's my gut feeling.
 
From: <[email protected]>

|
| Can i install those 2 over the top of NAV?

No. You can have only one fully installed anti virus application performing "on Access"
running on the computer. Both of the suggested applications are much better then NAV.

Personally, I think this is a problem with NAV and not a virus casing what you described. I
may be wrong but, that's my gut feeling.
Click to expand...

I doubt it. One of the things wrong is I think my installed norton of
the top of the virus, so it never had a chance. But I'll try what you
have suggested.
Thank you
 
From: <[email protected]>


|
| I doubt it. One of the things wrong is I think my installed norton of
| the top of the virus, so it never had a chance. But I'll try what you
| have suggested.
| Thank you

Well you can try the following and sede if there actually IS something there....


Download MULTI_AV.EXE from the URL --
http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:
http://pcdid.com/Multi_AV.htm


* * * Please report back your results * * *
 
From: <[email protected]>

|
| I doubt it. One of the things wrong is I think my installed norton of
| the top of the virus, so it never had a chance. But I'll try what you
| have suggested.
| Thank you

Well you can try the following and sede if there actually IS something there....

Download MULTI_AV.EXE from the URL --http://www.ik-cs.com/programs/virtools/Multi_AV.exe

To use this utility, perform the following...
Execute; Multi_AV.exe { Note: You must use the default folder C:\AV-CLS }
Choose; Unzip
Choose; Close

Execute; C:\AV-CLS\StartMenu.BAT
{ or Double-click on 'Start Menu' in C:\AV-CLS }

NOTE: You may have to disable your software FireWall or allow WGET.EXE to go through your
FireWall to allow it to download the needed AV vendor related files.

C:\AV-CLS\StartMenu.BAT -- { or Double-click on 'Start Menu' in C:\AV-CLS}
This will bring up the initial menu of choices and should be executed in Normal Mode.
This way all the components can be downloaded from each AV vendor's web site.
The choices are; Sophos, Trend, McAfee, Kaspersky, Exit this menu and Reboot the PC.

You can choose to go to each menu item and just download the needed files or you can
download the files and perform a scan in Normal Mode. Once you have downloaded the files
needed for each scanner you want to use, you should reboot the PC into Safe Mode [F8 key
during boot] and re-run the menu again and choose which scanner you want to run in Safe
Mode. It is suggested to run the scanners in both Safe Mode and Normal Mode.

When the menu is displayed hitting 'H' or 'h' will bring up a more comprehensive PDF help
file. http://www.ik-cs.com/multi-av.htm

Additional Instructions:http://pcdid.com/Multi_AV.htm

* * * Please report back your results * * *
Click to expand...

I appreciate it, that seems like a good plan.
 
Good idea, as there are several viruses circulating right now that
specifically target Synmantec's security products. Another very pertinent
suggestion is to stop using Internet Explorer. Since the virus seems to
kick your wife out of her browser, it would be interesting to see if that
would happen using Firefox with NoScript enabled and no ActiveX. IE is a
malware magnet. Switching to Firefox or Opera is a much safer
alternative. Also, the following page at Castlecops has a list of free
online virus scanners, which might be an option if the virus keeps
security apps from being installed:
http://wiki.castlecops.com/Lists_of_freeware_antivirus. Also, I would
high recommend your "Add/Remove" programs in Control Panel to see if there
is any other AV installed. That in itself can cause major problems with
your system. Most AV software don't even allow an additional on-demand
scanner, much less another one running resident. Anyway, good luck in
getting rid of the malware.
 
Back
Top