Malware which can apparently defeat Norton Antivirus

I have apparently acquired some type of malware that appears able to defeat Norton Antivirus 11. I am running OS 10.6.8 and NAV 11.1.2 on a Mac mini with a 2.66 GHz Intel Core 2 Duo. Yesterday I received an e-mail with the title "FW: Monday Hearts for Madalene". The message contains innocuous text and images related to a publication of the same name as the title. The message autonomously forwarded itself to other addresses. When I ran a manual system scan with NAV, the antivirus program froze at different points in the scan four different times while simultaneously showing the splash screen saying that the scan had been completed without finding any viruses, etc. At this point I am seeking advice on how to deal with this situation.

 

First of all, there are no simple answers. As much as I don't like it, I am forced into asking you questions about your system; this will not be easy. I notice you are still on Snow Leopard, OS X 10.6.8 and NAV 11.1.2. How long has it been since you ran "LiveUpdate"? Have you "Enabled Auto-Protect"? Do you run manual scans of your hard drive, instead?

 

Now, let's take a look at your hard drive and operating system. There are some great questions that should be asked; this isn't the time. But the big questions, we must ask. Are you running ONLY Snow Leopard on this computer? By the way, if you are running "Boot Camp" or any other virtual machine or compiler, you may need to deal with each one as a separate "Operating System".

 

Take a look at your applications: are they the latest versions for Snow Leopard? Many good applications come from Open-Source; as long as it is for the Mac, fine. Many applications have their own security functions written into them.

 

Yes, I know that I sound insulting, but it's these types of things that cause ME the heartburn. If I can save you from it, that only makes it twice as good. There was an adage that went like this, "A fool does not learn from his own mistakes. A smart man learns from his own mistakes. A wise man learns from somebody else's mistakes." Please, learn from my mistakes.

Hi Grumpy,

 

I ran live update prior to running the scans.  Typically all auto protect functions are enabled, I run manual scans only when a problem is suspected.  I run snow leopard as primary os.  I have Windows 98 and Windows 7 running under Parallels Desktop without separate partitions.

I do run some old applications including Microsoft Office 2004 and Photoshop and Illustrator CS.  Everything else is contemporary.

I am not insulted at all, I have a problem to solve. I tried scanning only the System folder and NAV froze. I turned off all compressed file scanning and NAV froze.

Any and all assistance is appreciated--I am insult proof.

 

Thanks!

Hi there!

Try running a full system scan in safe mode. :slight_smile: Be sure your Mac is shut down.

To start your Mac in Safe Mode:

1) Press the power button.
2) Immediately after you hear the startup tone, hold the Shift key. The Shift key should be held as soon as possible after the startup tone, but not before the tone.
3) Release the Shift key when you see the gray Apple icon and the progress indicator (looks like a spinning gear).

Let us know if this helped.

-Vorpal

Hi,

 

You have an interesting problem. I woke from a sound sleep, thinking about this. At some point, you had a functional Mac and at another point, your functional Mac has issues with NAV. We need to look at the sequence of installations on your Mac, from functional to dysfunctional. But in reality, we are actually working backwards and hopefully, we'll find the stumbling stone.

 

By the way, when did you decide to install NAV, in the overall sequence of events? I am not looking at your screen, therefore I must ask stupid questions. Did you ever have full functionality of Norton Anti-Virus on this configuration? I am only talking about the Mac version.

Hi,

 

When I restart in safe mode NAV puts up an error message saying it cannot load its preferences and I am unable to run a scan.

 

Thanks.

Hi,

 

NAV was installed toward the end of the process of setting up the computer.  All has run flawlessly until a few days ago.

 

I typically rely on auto protection but once in a while will run a system scan as a precaution.  The system scan worked fine about a week ago.  After getting the possible malware NAV started freezing during system scans.  I am not seeing any other abnormal behavior in the computer.

 

Thanks.

I scanned the root directory one folder at a time and got through without incident or discovered malware.  The best theory I can come up with is that there may have been some programs open at the time of the scan that conflicted with NAV.  When I shut down as many programs as possible and ran the scans I was OK.

 

I am running an additional system wide scan to try to verify that things are OK.

 

For now I will consider this problem as solved.

Hi-

 

A question about the sequence of installations, which came first, "Parallels" or "NAV"? Rather than sounding like a virus, it sounds more like the corruption of your preferences. Rather than calling this "Malware", I tend to think this is more like a configuration issue, more than anything else.

 

Question, OK, this makes it possible for you to run Windows, does that mean Windows is installed without a partition?

 

These hybrids bring with them many positives and also many negatives or a type of virtual benefit/cost ratio. This is where I believe you didn't do your 'homework'. Truth be told, I've made the same mistake. But, I also paid the price for those failures. Go read your documentation on both "Parallels" and "NAV". Oh, you've read your documentation. Great, read it again, does "Parallels" or "NAV" have counsel about your configuration and concerns? If yes, did you follow it? Why or why not?  If they had no counsel, did you pursue it? Why or why not? If these companies want to stay in business, they need to help with something more than "Community Boards". You've got something to work with, I'm done.

Thanks!

 

jh

Great! Glad to hear it!