AntivirusSoft Malware--Norton does not detect it!

I recently got infected with a nasty malware program called "AntiVirus Soft". I have Norton 360 installed on my computer and I can't believe that it would let such an annoying virus through. You REALLY have to do something about it. More and more people are getting infected with it and Norton is doing absolutely nothing, it wouldn't even detect it. Please take care of it asap.

Thank you!

Unfortunately these rogue programs are hardly to detect, and most AV programs do not detect them (incl. Norton)!

 

Here's a step-by-step guide how to remove it: http://www.bleepingcomputer.com/virus-removal/remove-antivirus-soft

 

 

Let us know the results.


anreyna wrote:

I recently got infected with a nasty malware program called "AntiVirus Soft". I have Norton 360 installed on my computer and I can't believe that it would let such an annoying virus through.


Did you have Norton 360 version 4 ? I doubt anything like this can pass through Download Insight , IPS or SONAR2 .


3play wrote:

anreyna wrote:

I recently got infected with a nasty malware program called "AntiVirus Soft". I have Norton 360 installed on my computer and I can't believe that it would let such an annoying virus through.


Did you have Norton 360 version 4 ? I doubt anything like this can pass through Download Insight , IPS or SONAR2 .


 

Sometimes these rogue programs can infect the PCs with AV softwares installed as well... :( They are kinda new technology for infecting the machines, and AV developers are now building new detection mechanisms to get them much faster then now. Most of them needs some user interactions -> well, basicly you allow them to install.....

 

Here are some other infos about them, plus a lot of variants: http://en.wikipedia.org/wiki/Rogue_security_software

EDIT: or check this: http://www.microsoft.com/security/antivirus/rogue.aspx


PapauZ wrote:
Sometimes these rogue programs can infect the PCs with AV softwares installed as well... :( They are kinda new technology for infecting the machines, and AV developers are now building new detection mechanisms to get them much faster then now. Most of them needs some user interactions -> well, basicly you allow them to install.....

 

Here are some other infos about them, plus a lot of variants: http://en.wikipedia.org/wiki/Rogue_security_software

EDIT: or check this: http://www.microsoft.com/security/antivirus/rogue.aspx


Hello!

 

No antivirus is perfect but as you said most times (if we have a computer not seriously vulnerable) this requires user interaction . And if the executable gets downloaded on the computer , Download Insight would have poped-up with messages like these

Capture.PNG   

 

 

 

 

 

 

Capture2.PNG

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

(well , in case IE or Firefox were involved)

thanks for the help, but i had to do a system restore to get rid of that virus.

The most common way to remove this virus is by a system restore.

Hello

 

These rogue antivirus programs are constantly being changed ever so slightly, but enough to bypass antivirus programs. Bleeping Computers has been updating their instructions to remove this malware trying to keep up with it. Unfortunately, the malware writers are a bit faster in making slight changes which will prevent Security programs from stopping it in many cases. Some times malware just has to be removed safely and Bleeping Computers is supplying this removal process.

How do you know you got infected with it if Norton does not detect it?


snipes1988 wrote:

How do you know you got infected with it if Norton does not detect it?


 

Mostly these uses pop-ups, and they came up randomly while you are using your PC. But as we said before these programs intect the PCs mostly by "user-error". These have so good webpages and advertisements, that you belive them, and install them. And then the average user can not remove it, or do anything to stop it.....

Wait a minute... I have been getting these kind of pop ups and have been getting redirected to other webpages while surfing the internet. What happened to me was Norton did not detect it, So I downloaded MalwareBytes and it removed 14 individual items /objects. They were Trojans and Adware viruses, mainly in the registry. But the thing is.. after it removed this, it has never detected a threat since and I have still been getting redirected to other sites and pop ups still come up. Do I have this "Antivirus Soft Malware" ?

You can try running SuperAntiSpyware as well... But as a pop-up I meant that the program comes up as popup. What kinda pop-ups do you get? Are these advertisments eg. to download contents to your phone or something like that? Because I see these too on a lot of page, the webadmins add these advertisments to their site to get some extra money....

SuperAntiSpyware detected nothing, and these advertisements are coming at any website, even these norton forums. They are mostly popups that have to do with what I am looking at. Such as... when I am on the Norton forums, I get a popup to this other security system.

That sounds really strange....

Update both Norton and Malwarebytes/SuperAntiSpyware, and then restart your machine in Safe Mode (by the boot press F8, and select safe mode from the list).

When Windows is loaded, do a full system scan with the security softwares.

In Safe Mode these programs can not run, and it is easier to remove and detect them.

 

Let us know the results.

Hello snipes1988

 

If after doing what was suggested and you are still getting the popups, then please try and run a HiJackThis to see if anything shows up on that which is triggering those popups. Also after malwarebytes cleaned up what it found, did you remove your restore points?

 

Please download HiJackThis from http://free.antivirus.com/hijackthis/ Choose the executable and save it on your desktop. Run the file and select the first option on the main menu "Do a system scan and save a log file". When this is finished, Notepad will open with the log file in it. Save the log file and attach it to a post here via the Add Attachments Please don't attempt to fix anything that it shows until someone checks out the log. Thanks.

 

I ran the scans in Safe Mode and the only things found were 7 tracking cookies by Norton. I also ran HijackThis and heres the log. Also, HijackThis gave me a error message, it said that "For some reason your system denied write acces to the Hosts file. If any hijacked domains are in this file, Hijack This may NOT be able to fix this." it told me to run HijackThis as administrator, but when I right click it, I do not get that option.

So should I have HijackThis make any changes??

Is there anyone on these forums that knows how to check this log? If not, then can I get a link to maybe another place I can get this log checked.

I'm not an expert of the HijackThis logs, but I saw nothing serious in these logs.

The only strange thing is for me, that it reports several Windows files as missing....

 

To solve it open an evelated command promt (in start menu write cmd in, and right click on the icon and run it as administrator). In the cmd window write this in: sfc /scannow.

When the scan is done, reboot, and then check again the pop-ups.

 

Let us know the results.

Hello snipes1988

 

I have just asked someone to check out your HiJackThis log. Sorry for the delay. I don' think he's missing windows files, it shows up like that with his o/s =x86. But I don't know if there is anything on it that needs to be fixed of if it is giving any hints of malware.