06-07-2010 01:07 AM
I was surfing Facebook last night and all of a sudden a fake antivirus thing pops up. This happens all the time so I thought it was no biggie and that Norton would handle it. Norton did nothing. Then I got a message from Windows UAC asking me to cancel or allow access to something. I canceled and then a message came up that said "Nmyvk.exe has stopped working, Windows is attempting to find a solution". So the fake antivirus crashed after Windows blocked access. (I clicked cancel before reading out of shock *facepalm*). So I continued surfing, but whenever I tried to load a webpage the page flashed grey and then the "Internet Explorer cannot display this webpage" page comes up. Windows still says I have internet access but I cannot access any web pages. (Live Update can no longer connect either.)
I go looking through the security history to find that a program called 'ixvevvotssd.exe' and 'kquw' has made changes to my system and network. THANKS NORTON for not telling me. I go to look at what changes it's made and...THANKS NORTON for not showing the end of the file path that has been modified. Norton will not show the entire path of the file that's been modified. Also I find that 'ixvevvotssd.exe' has created a Norton Firewall rule that allows Nmyvk (remember this guy?) TCP 54387 out and TCP 5555 in for that program...THANKS NORTON.
What I did:
-Moved ixvevvotssd.exe (was in C:/users/<my account>/appdata/nkedbjojj/ixvevvotssd.exe) and kquw.exe (I forgot where this was) to my desktop and scanned them. Norton did not detect any viruses...THANKS NORTON.
-Blocked firewall accesses for Nmyvk.
-Full system scan with no results...THANKS NORTON.
(I can't find any more changes)
What I have:
-The two .exe files that caused the whole mess on my desktop.
-Windows Event Viewer log files that show the info on when Nmyvk crashed after I canceled its UAC notification.
Persisting Problem:
-I rubbed Norton's nose in a virus and it still doesn't detect the virus.
-Live Update doesn't connect.
-Internet Explorer 8 flashes grey and then gives an "Internet Explorer cannot display this webpage" page despite Windows saying there is internet access.
I would give you screenshots, files, etc. but the virus is keeping my desktop computer from accessing the web.
Windows 7 Professional x64
Norton 360 Premier Edition
Internet Explorer 8
06-07-2010 01:36 AM
UPDATE: I got internet access back up on the infected computer. I found that the virus set Internet Explorer to use its own host computer as a proxy on port 5555.
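Added example, not part of the original thread: a Python check for the symptom described in the update above, where Internet Explorer's proxy was pointed at the local machine on port 5555. It parses `reg query` output for the `HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings` key and flags enabled proxies that resolve to loopback, covering per-protocol and IPv6 forms beyond the single case in the post; the sample text and function names are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample of `reg query` output for the Internet Settings key.
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings
    ProxyEnable    REG_DWORD    0x1
    ProxyServer    REG_SZ    http=127.0.0.1:5555;https=localhost:5555
    ProxyOverride    REG_SZ    <local>
"""

def parse_reg_values(text):
    """Map value name -> data from `reg query` style lines."""
    values = {}
    for line in text.splitlines():
        m = re.match(r"^\s+(\S+)\s+REG_\w+\s+(.*)$", line)
        if m:
            values[m.group(1)] = m.group(2).strip()
    return values

def is_loopback(host):
    """True for 'localhost' and any loopback IPv4/IPv6 literal."""
    if host.lower() == "localhost":
        return True
    try:
        return ipaddress.ip_address(host.strip("[]")).is_loopback
    except ValueError:
        return False  # ordinary hostname, not an IP literal

def loopback_proxies(values):
    """Return [(scheme, host, port)] for enabled proxies pointing at this machine."""
    if int(values.get("ProxyEnable", "0x0"), 16) == 0:
        return []  # proxy configured but switched off
    hits = []
    # ProxyServer is either "host:port" or "http=host:port;https=host:port;..."
    for entry in values.get("ProxyServer", "").split(";"):
        if not entry.strip():
            continue
        scheme, _, addr = entry.strip().rpartition("=")
        addr = addr.split("://")[-1]
        host, _, port = addr.rpartition(":")
        if not host:  # no port given
            host, port = addr, ""
        if is_loopback(host):
            hits.append((scheme or "all", host, port))
    return hits
```

A non-empty result on a machine where no local proxy was installed on purpose is worth investigating together with the firewall rules for the same port.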
06-07-2010 02:53 AM
I go looking through the security history to find that a program called 'ixvevvotssd.exe'
If you see a random string of gibberish ending in tssd.exe it is very likely related to the rogue Antispyware Soft; further evidence is that your IE proxy settings were changed. You can view additional information and get removal instructions here: BleepingComputer
06-07-2010 03:07 AM
I had the very same problem and shut down the proxy server. Problem solved, thanks!!
06-07-2010 08:08 AM
Hello Watchlord
Welcome to the Norton Users Discussion Forum
Very often that rogue security program comes along with a rootkit. I would strongly recommend a visit to www.bleepingcomputer.com and sign up with them and put possible rootkit in the topic. It is a free site with a very good reputation with removing malware such as this. Very often Norton cannot remove the rootkits because critical Windows drivers become infected and if removed, your computer will become involved in a bootup cycle or worse. These types of removals require replacement with a good version of the driver and it could be different drivers every time. Bleeping Computer has the right type of environment to help you get this done in a safe manner.
Please come back and let us know how you made out after you have consulted with them. Thanks.
Success always occurs in private and failure in full view.
06-07-2010 09:41 AM
@ Turbo: Thanks! That is the exact thing that hit me, even the screenshot was accurate. I deleted the registry keys it listed (only a few existed). Also today when I logged on Norton finally recognized the two .exe files as SpywareGuard2008 and took about 30 min to process the 1st one. It showed that Norton repaired and deleted a load of files and registry keys.
06-07-2010 02:06 PM
Hello Watchlord
Although you have fixed 2 programs like Spyware Guard 2008 and that other one, I would still pay a visit to www.bleepingcomputer.com to check out to see if you have a rootkit in your system. The secondary infections may have been cleaned up, but the fact that you got 2 of this type and it ending with tdss, it is very likely that you do have a rootkit which needs to be checked out by Bleeping Computer. They will give you programs to run to check to see if you do have a rootkit. If you don't have one according to their tests, then nothing lost. If you do have a rootkit, they can help you clean it up. It's a free site and they are good at what they do. There may still be an infected driver which is causing these programs to download to your computer.
Success always occurs in private and failure in full view.
06-07-2010 03:20 PM
Thank you, I will be sure to check that out.
06-07-2010 05:51 PM
Have you tried Norton Power Eraser? It's FREE and worth a shot. Available at http://security.symantec.com/nbrt/npe.asp
06-07-2010 09:06 PM
Why would this work better than N360 which costs money?
