• All Community
    • All Community
    • Forums
    • Ideas
    • Blogs

Not what you are looking for? Ask the experts!

Kudos0

AntivirusSoft Malware--Norton does not detect it!

I recently got infected with a nasty malware program called "AntiVirus Soft". I have Norton 360 installed on my computer and I can't believe that it would let such an annoying virus through. You REALLY have to do something about it. More and more people are getting infected with it and Norton is doing absolutely nothing, it wouldn't even detect it. Please take care of it asap.

Thank you!

Replies

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

Unfortunately these rogue programs are hardly to detect, and most AV programs do not detect them (incl. Norton)!

Here's a step-by-step guide how to remove it: http://www.bleepingcomputer.com/virus-removal/remove-antivirus-soft

Let us know the results.

Windows 8.1 Embedded Industry Pro x64 Hungarian, Norton 360 v21.5.0.19
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!


anreyna wrote:

I recently got infected with a nasty malware program called "AntiVirus Soft". I have Norton 360 installed on my computer and I can't believe that it would let such an annoying virus through.


Did you have Norton 360 version 4 ? I doubt anything like this can pass through Download Insight , IPS or SONAR2 .

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!


3play wrote:

anreyna wrote:

I recently got infected with a nasty malware program called "AntiVirus Soft". I have Norton 360 installed on my computer and I can't believe that it would let such an annoying virus through.


Did you have Norton 360 version 4 ? I doubt anything like this can pass through Download Insight , IPS or SONAR2 .


Sometimes these rogue programs can infect the PCs with AV softwares installed as well... :( They are kinda new technology for infecting the machines, and AV developers are now building new detection mechanisms to get them much faster then now. Most of them needs some user interactions -> well, basicly you allow them to install.....

Here are some other infos about them, plus a lot of variants: http://en.wikipedia.org/wiki/Rogue_security_software

EDIT: or check this: http://www.microsoft.com/security/antivirus/rogue.aspx

Windows 8.1 Embedded Industry Pro x64 Hungarian, Norton 360 v21.5.0.19
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!


PapauZ wrote:
Sometimes these rogue programs can infect the PCs with AV softwares installed as well... :( They are kinda new technology for infecting the machines, and AV developers are now building new detection mechanisms to get them much faster then now. Most of them needs some user interactions -> well, basicly you allow them to install.....

Here are some other infos about them, plus a lot of variants: http://en.wikipedia.org/wiki/Rogue_security_software

EDIT: or check this: http://www.microsoft.com/security/antivirus/rogue.aspx


Hello!

No antivirus is perfect but as you said most times (if we have a computer not seriously vulnerable) this requires user interaction . And if the executable gets downloaded on the computer , Download Insight would have poped-up with messages like these

   

(well , in case IE or Firefox were involved)

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

thanks for the help, but i had to do a system restore to get rid of that virus.

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

The most common way to remove this virus is by a system restore.

Kudos2

Re: AntivirusSoft Malware--Norton does not detect it!

Hello

These rogue antivirus programs are constantly being changed ever so slightly, but enough to bypass antivirus programs. Bleeping Computers has been updating their instructions to remove this malware trying to keep up with it. Unfortunately, the malware writers are a bit faster in making slight changes which will prevent Security programs from stopping it in many cases. Some times malware just has to be removed safely and Bleeping Computers is supplying this removal process.

Success always occurs in private and failure in full view.
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

How do you know you got infected with it if Norton does not detect it?

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!


snipes1988 wrote:

How do you know you got infected with it if Norton does not detect it?


Mostly these uses pop-ups, and they came up randomly while you are using your PC. But as we said before these programs intect the PCs mostly by "user-error". These have so good webpages and advertisements, that you belive them, and install them. And then the average user can not remove it, or do anything to stop it.....

Windows 8.1 Embedded Industry Pro x64 Hungarian, Norton 360 v21.5.0.19
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

Wait a minute... I have been getting these kind of pop ups and have been getting redirected to other webpages while surfing the internet. What happened to me was Norton did not detect it, So I downloaded MalwareBytes and it removed 14 individual items /objects. They were Trojans and Adware viruses, mainly in the registry. But the thing is.. after it removed this, it has never detected a threat since and I have still been getting redirected to other sites and pop ups still come up. Do I have this "Antivirus Soft Malware" ?

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

You can try running SuperAntiSpyware as well... But as a pop-up I meant that the program comes up as popup. What kinda pop-ups do you get? Are these advertisments eg. to download contents to your phone or something like that? Because I see these too on a lot of page, the webadmins add these advertisments to their site to get some extra money....

Windows 8.1 Embedded Industry Pro x64 Hungarian, Norton 360 v21.5.0.19
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

SuperAntiSpyware detected nothing, and these advertisements are coming at any website, even these norton forums. They are mostly popups that have to do with what I am looking at. Such as... when I am on the Norton forums, I get a popup to this other security system.

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

That sounds really strange....

Update both Norton and Malwarebytes/SuperAntiSpyware, and then restart your machine in Safe Mode (by the boot press F8, and select safe mode from the list).

When Windows is loaded, do a full system scan with the security softwares.

In Safe Mode these programs can not run, and it is easier to remove and detect them.

Let us know the results.

Windows 8.1 Embedded Industry Pro x64 Hungarian, Norton 360 v21.5.0.19
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

Hello snipes1988

If after doing what was suggested and you are still getting the popups, then please try and run a HiJackThis to see if anything shows up on that which is triggering those popups. Also after malwarebytes cleaned up what it found, did you remove your restore points?

Please download HiJackThis from http://free.antivirus.com/hijackthis/ Choose the executable and save it on your desktop. Run the file and select the first option on the main menu "Do a system scan and save a log file". When this is finished, Notepad will open with the log file in it. Save the log file and attach it to a post here via the Add Attachments Please don't attempt to fix anything that it shows until someone checks out the log. Thanks.

Success always occurs in private and failure in full view.
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

I ran the scans in Safe Mode and the only things found were 7 tracking cookies by Norton. I also ran HijackThis and heres the log. Also, HijackThis gave me a error message, it said that "For some reason your system denied write acces to the Hosts file. If any hijacked domains are in this file, Hijack This may NOT be able to fix this." it told me to run HijackThis as administrator, but when I right click it, I do not get that option.

File Attachment: 
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

So should I have HijackThis make any changes??

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

Is there anyone on these forums that knows how to check this log? If not, then can I get a link to maybe another place I can get this log checked.

Kudos1

Re: AntivirusSoft Malware--Norton does not detect it!

I'm not an expert of the HijackThis logs, but I saw nothing serious in these logs.

The only strange thing is for me, that it reports several Windows files as missing....

To solve it open an evelated command promt (in start menu write cmd in, and right click on the icon and run it as administrator). In the cmd window write this in: sfc /scannow.

When the scan is done, reboot, and then check again the pop-ups.

Let us know the results.

Windows 8.1 Embedded Industry Pro x64 Hungarian, Norton 360 v21.5.0.19
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

Hello snipes1988

I have just asked someone to check out your HiJackThis log. Sorry for the delay. I don' think he's missing windows files, it shows up like that with his o/s =x86. But I don't know if there is anything on it that needs to be fixed of if it is giving any hints of malware.

Success always occurs in private and failure in full view.
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!


floplot wrote:

Hello snipes1988

I have just asked someone to check out your HiJackThis log. Sorry for the delay. I don' think he's missing windows files, it shows up like that with his o/s =x86. But I don't know if there is anything on it that needs to be fixed of if it is giving any hints of malware.


"I don' think he's missing windows files, it shows up like that with his o/s =x86."

Wrong  x86 = 32 bit  The above statement is incorrect as a consequence.

Quads

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

snipes1988 -

I checked your HiJackthis log and before doing anything with it would like you to run the SFC /scannow utility that PapauZ asked you to run.  This should clear up a good many problems.

Win7 x32 SP1
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

Well, I ran the SFC/scannow, and it said that it repaired some windows files. I am running Windows Vista 64-Bit. And I included a HijackThis log which I ran after the SFC/scannow was done.

File Attachment: 
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

Hi Snipes1988,


The following entry in the Hijack this seems to be suspicious:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local


Are you using any Proxy settings for connecting to the Internet?


I would also suggest to reset the Hosts file in your computer, refer to the instructions in the following Microsoft Article:

http://support.microsoft.com/kb/972034


Yogesh

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

Thanks for the help Yogesh. Well, I took your advice and reset the host files by downloading that thing from the link you gave me. And i do NOT use any proxy settings. I ran a HijackThis log after reseting the host files and I attached it.

What do you recommend I do next?

File Attachment: 
Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

Fix the following items in Hijackthis:

R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = local;*.local
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)


Now, run LiveUpdate repeatedly until you receive all the available updates, restart the computer to Safe Mode and then run a Full System Scan. Check and let us know whether you are still getting pop-ups/search re-directs.


Yogesh

Kudos0

Re: AntivirusSoft Malware--Norton does not detect it!

I removed one of the things from HijackThis. But there was one thing that after I pressed "fixed checked", I dont think it did anything. The proxy one went away, but when I ran another HijackThis, the "O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file)" did not go away.

Replies are locked for this thread.