Greetings;

I tried the trial for NIS2009 on 2 computers. On one machine, it works great. On the other machine, I'm having problems.

The program windows will simply vanish with no error message when I try to update or scan.

I tried to reinstall but it won't uninstall in the first place and stays on the "preparing to uninstall" window for over 10 minutes (longest I waited) whether I choose the custom or complete uninstall options. These problems happen on clean bootups (everything but MS services disabled) as well as normal bootups.

I uninstalled all other antivirus and antispyware programs prior to installing NIS2009, and I disabled all firewalls as well.

Furthermore, at random now, all logins will vanish from the login screen at boot, sometimes causing the need to reboot several times to get any logins back.

Lastly, this machine is not on-site, but several states away at my parents house. I've been using VNC Enterprise Edition (latest version) to remote login to handle all those problems that parents seem to have on a regular basis. Whilst my parents are "slightly" computer savvy, things like getting into Safe Mode and other such diagnostic tools that need to be loaded before VNC is active are out of my reach.

The flip side to that is I didn't use VNC to install or work with NIS2009. I had my mother clicking on things as we talked on the phone with VNC (and everything else, see above: clean boot) disabled while I had NIS2009 open on this machine so I could see the prompts and guide her properly. I fully expect to be needing to fly out there to continue troubleshooting this machine, but I'm hoping there is a solution that doesn't require that. As it sits right now, with the vanishing logins (which in turn affect VNC being able to login) at bootup, I'm not even sure I can try any suggestions you kind people make anyway, but, at least I'll have the replies available should I fly there.

OS: XP Pro, SP3, all updates.

Drivers: all current/updated.

Software: NIS 16.1 trial.

Machine: Athlon 64, 1gb ram, 6600GT, Abit mobo

As a side note, I'm very impressed with NIS2009. On the machine it is working on, it found and eliminated a keylogger, 2 hack tools, 2 rootkits, several trojans and a bios virus on my archive/backup book drive that had been scanned and pronounced clean by AVG, Spybot, Adaware, Fprot, Kapersky and Spyware Doctor (all latest versions, all updated signatures). I picked my jaw off the floor, after dropping it, as apparently I only *thought* I was safe. The good news was that the main HD on the working machine was clean as a bell. As such I really want to get this working on the machine giving me problems, and when I have the spare money, you can count me in as a customer, assuredly.

Be well;

--Dietche

First of all, please run Malwarebytes' Anti-Malware to make sure all Malware is off the computer; you may want to Scan in Safe Mode with SUPERAntiSpyware as well as with Malwarebytes' Anti-Malware.

After that, I would use the Norton Removal Tool; do not worry, get to re-install your Norton Security Product after re-starting from using the Norton Removal Tool.

Let us know how it goes.  :)

Malwarebytes' Anti-Malware: http://www.download.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html.

SUPERAntiSpyware: http://www.download.com/SUPERAntiSpyware-Free-Edition/3000-8022_4-187228.html?tag=mncol&cdlPid=559816.

Thanks for your quick reply. However, if that's the only reply/suggestion for my dilemma, I'll have to fly out there, as walking my parents through all that is just not an option.

Anything else that doesn't require Safe Mode? I've tried walking them through other Safe Mode repairs, and it usually ends up poorly.

Would using those products in a clean boot be productive? At least then I could follow along with VNC, and break the connection once the software and settings are ready to go, leaving them to just click "ok".

--D

---

dietche wrote:

Thanks for your quick reply. However, if that's the only reply/suggestion for my dilemma, I'll have to fly out there, as walking my parents through all that is just not an option.

 

Anything else that doesn't require Safe Mode? I've tried walking them through other Safe Mode repairs, and it usually ends up poorly.

 

Would using those products in a clean boot be productive? At least then I could follow along with VNC, and break the connection once the software and settings are ready to go, leaving them to just click "ok".

--D

---

You're welcome!

I would Highly-Recommend Scanning in Safe Mode in case there are any more Malware on the computer which is not being caught in Normal Mode.

<< Machine: Athlon 64, 1gb ram, 6600GT, Abit mobo >>

Is it by any chance and HP/Compaq machine? There are a number of them with AMD CPUs (ie Athlon) which were manufactured using a mal-formed master copy of the hard drive -- it was made on an INTEL machine and used on AMD machines. This has caused some problems that hung over after installing XP's SP3 or VISTA's SP1. There is a fix for it.

It could be useful to know what make/model machine it is -- and if it's a laptop.

Although you disable VNC it does install something on the client computer -- could that be interfering?

SAFE MODE is pretty easy to get to -- Hold down F8 as soon as something starts to boot up?

---

huwyngr wrote:

<< Machine: Athlon 64, 1gb ram, 6600GT, Abit mobo >>

 

Is it by any chance and HP/Compaq machine? There are a number of them with AMD CPUs (ie Athlon) which were manufactured using a mal-formed master copy of the hard drive -- it was made on an INTEL machine and used on AMD machines. This has caused some problems that hung over after installing XP's SP3 or VISTA's SP1. There is a fix for it.

 

It could be useful to know what make/model machine it is -- and if it's a laptop.

 

Although you disable VNC it does install something on the client computer -- could that be interfering?

 

SAFE MODE is pretty easy to get to -- Hold down F8 as soon as something starts to boot up?

---

I thank you as well for your reply. =]

I built the machine from scratch. Been building/repairing machines for 20+ years. Did a fresh 2600 build XP install, tossed on the service packs, .NET, updates, latest drivers, etc, etc etc. Oh, and, it's not a laptop.

As far as VNC, the machine would be considered the server, actually; and, when I say disable, I mean I shut the server portion down entirely. It's not running, at all, as verified by ctrl-alt-del.

Onwards :)

Whilst you and I find it to be child's play to enter/exit Safe Mode, it's not as easy as it sounds when you try to explain it to someone with slow reflexes and poor eyesight. Last time we tried, we ended up in the sata raid bootup utility and almost hosed the array. After 15 some odd minutes of them squinting we finally figured out the magic key combo to safely leave that screen and continue the boot process and still missed the window for hitting F8. After that failed attempt, I didn't dare try again, and wound up flying down there anyway for the last problem they had (bad power supply, had to swap that out and rewire the machine).

Anywhoms. Been talking to my mother for half hour now and we are going to *try* to get it into Safe Mode and get those scans run and get NIS2009 uninstalled (vis-a-vis that Norton removal tool) and reinstalled. Won't happen until tommorow afternoon tho. I'll post afterwards with the results of our scanning attempts, etc. Wish us luck.

--Dietche

What's wrong with flying down to Paradise where it's a beautiful springlike day here on the other West Coast and where the water temperature in the Gulf of Mexico is in the 80's -- it's 66 at the moment however. <g>

Yes I agree that Microsoft/BIOS makers did not make it easy to catch F8 on the fly and I too have a SATA controller as well as a SCSI one.

If the patient can get onto the internet -- I've not rechecked the thread -- is it worth trying the Symanatec On-Line scanner?

It's not clear to me whether you have a copy of NIS2009 yourself but if you do the other thing you could that might be more painless would be to use the Norton Recovery Tool (Not to be confused with the other NRT -- Norton Removal Tool)

You can download an ISO image of this, burn it to a CD and mail it to her. It's a bootable CD that updates its definitions and runs Norton from the CD

Note Step 5 so she will have to have handy the KEY for a copy of NIS 2009 hence my question about whether you have one installed and so suggested it for your mother>

What's wrong with flying down to Paradise where it's a beautiful springlike day here on the other West Coast and where the water temperature in the Gulf of Mexico is in the 80's -- it's 66 at the moment however. <g>

LOL

Yes I agree that Microsoft/BIOS makers did not make it easy to catch F8 on the fly and I too have a SATA controller as well as a SCSI one.

I had a brainstorm about that issue while I slept last night. While I am downloading the repair utility and the suggested malware scanners to their machine, I'm going to edit the boot menu options to force them to show up with a 30s delay. This way, no slight of hand is needed for her to do F8 and she'll only need to pick Safe Mode from that menu. Dunno why I never thought of that till now :)

If the patient can get onto the internet -- I've not rechecked the thread -- is it worth trying the Symanatec On-Line scanner?

I'm not aware of this tool. Got a link and/or more info please?

It's not clear to me whether you have a copy of NIS2009 yourself but if you do the other thing you could that might be more painless would be to use the Norton Recovery Tool (Not to be confused with the other NRT -- Norton Removal Tool)

You can download an ISO image of this, burn it to a CD and mail it to her. It's a bootable CD that updates its definitions and runs Norton from the CD

Note Step 5 so she will have to have handy the KEY for a copy of NIS 2009 hence my question about whether you have one installed and so suggested it for your mother

No, neither of us have a registered copy yet. My install and their install are both the trial versions. If using the Norton Removal Tool, the suggested malware scanners, the OnLine scanner, and reinstalling NIS2009 trial doesn't work, I'll explore the Norton Recovery Tool and mail that to them before I fly down there. 

Thanks again for your continued help.

--Dietche 

For future reference, if you are able to get into the windows desktop, you could use msconfig (start>run>msconfig) to choose to reboot with diagnostic or selective startup options and get almost the equivalent of a Safe Mode.

For future reference, if you are able to get into the windows desktop, you could use msconfig (start>run>msconfig) to choose to reboot with diagnostic or selective startup options and get almost the equivalent of a Safe Mode.

Thanks for your reply, mijcar.

But, that's how I got into the 'clean boot' I mentioned above in my first post, with nothing but MS services loaded.

I did a MSConfig, then Services Tab, then "Hide all MS services", then I unchecked everything left over. 

Update:

1> We've gotten NIS2009 successfully uninstalled via the Removal Tool

(which we ran, then rebooted, and ran again, as per instructions).

2> We've gotten the Malwarebytes and Superantispyware tools installed.

3> We've successfully entered Safe Mode and are scanning now.

(btw, the trick I posted didn't work for some reason, and we still had to wind up with

fast, perfect reflexes to hit F8 at the exact moment).

4> Malwarebytes finished and found three trojans, SASW is still going.

Once SASW is finished, we'll reboot and attempt to reinstall nis2009 trial and update/scan with it.

Wish us luck

--Dietche 

---

dietche wrote:

Wish us luck

--Dietche 

---

Believe me, we do!

Update:

1> SASW finished and only found cookies.

2> Did a clean boot (Services tab: only MS services, Startup tab: all off)

3> Installed NIS2009, default settings.

4> Managed to do a quick scan from the tray icon with right click, only cookies found. (definitions are 31 days out of date tho)

5> If I try to update definitions or run a full scan from the main menu, nothing happens. No windows pop up at all; or, *only* the "Buy Now" window shows up. I then hit "buy later" and nothing else happens then either. Neither the updater window will show up nor the scanner window, it just sits there on the menu window. 

6> It borked on the use of the Online scanner. It installed the ActiveX controls and then attempted to scan, then stopped.

 *sighs*

Me....................Wit's end

|||||||||||||||||||||||||||||||||||||||||||____

I guess the Norton Recovery Tool CD is my next option? There's obviously a bug that is recognizing and preventing AV tools from updating and scanning lurking around, eh? Do I need to pay for NIS2009 before I can use the Recovery/Autoscan CD?

<insert exasperated cry for halp>

--Dietche 

Quickly here before I jump back into your earlier message:

<< I guess the Norton Recovery Tool CD is my next option?  >>

From that Step 5 I mentioned I guess you have to have a copy of NIS with a KEY you can enter .....

If all else fails you can buy a copy and if does not work out you can return it within 60 days for a full refund -- store bought or from Symantec.

< From that Step 5 I mentioned I guess you have to have a copy of NIS with a KEY you can enter ...>

Ya, I was kinda hoping (wishfully thinking) that it might have some kind of trial option when you go to enter a KEY, kinda like how AVG will autogenerate a free KEY when you go to install their free version.

 < If all else fails you can buy a copy and if does not work out you can return it within 60 days for a full refund>

Thanks, we'll probably have to explore that option. Finances are a wee rough right now all the way around... not real sure when any of us will have the spare money for it.

--D 

<< If the patient can get onto the internet -- I've not rechecked the thread -- is it worth trying the Symanatec On-Line scanner?

I'm not aware of this tool. Got a link and/or more info please?  >>

Took me a while to find it! Things keep changing!

Try this link:

Try our new Norton Security Scan!

and click on the right hand button -- that took me to a page offering a choice of On-Line Security or On-line Virus scans.

If when you click on the right hand button you get a message about trying to close the browser TAB say Yes -- and wonder where it's all gone -- the new small window from Symantec opens under any other browser TAB you have open .... look on the bottom bar for a minimized TAB ......

One thing I don't know about these scans is whether they remove malware or just tell you if or what you have got. Someone may know or you can try it out on your computer! If I've a moment I'll try it on my laptop that only has one relatively small drive ....

More than understood about finances ....

See my reply about on-line scanning.

I tried it (the online scanner) already, as per point 6 of my latest update post.

It installed the ActiveX controls, did the close one window/open another window thing like you described, at which point it began scanning and checking out the system, then it just stopped and the window vanished.

Basically, the same exact type of behavior NIS2009 was displaying in my very first post in this thread. It would act all righteous, and then just vanish with no errors or logs generated. This is why I believe there is a bug/virus that is relatively new that can identify and prevent antivirus and antispyware programs from running. It's just shutting them down when an update or scan of any type is being attempted that actually 'touches' its files. Quick scans are seemingly unaffected but I believe it's hiding someplace a quick scan won't normally target.

I've tried looking for logs in the /program files/norton{blahblahwhatever} folders and no logs were ever generated (for any of the installs).

*shrugs*

btw, you can skip doing your laptop thing, no real need :) and thanks for your continued thoughts and suggestions, to all of you.

--D 

Thanks for the feedback.

Maybe I'm failing but I don't see a "as per point 6 of my latest update post"

In yor first post I understood you to be saying that it was installing that was the problem not running a scan?

I've seen posts recently where installation problems were solved by disabling System Restore (or in the case of installation of some other software disabling Norton's Autoprotect as well). Might be worth trying disabling System Restore to deal with an installation problem.

Do use the Norton Removal Tool after any failed installation.

Let's see if anyone else can help.

Thanks for the feedback.

Maybe I'm failing but I don't see a "as per point 6 of my latest update post"

In yor first post I understood you to be saying that it was installing that was the problem not running a scan?

I've seen posts recently where installation problems were solved by disabling System Restore (or in the case of installation of some other software disabling Norton's Autoprotect as well). Might be worth trying disabling System Restore to deal with an installation problem.

Do use the Norton Removal Tool after any failed installation.

Let's see if anyone else can help.

 *smiles gently*

We're both getting tired, I'm sure.

Mayhaps take a moment, friend, and re-read the entire thread, slowly, as I think it'll help.

To recap:

Initially, I didn't have a problem installing NIS, I had a problem with it functioning correctly (the windows kept vanishing) at which point I tried to UNinstall/reinstall, but that didn't work either. I used the Removal Tool, the suggested safe mode scanners, and so on, as per my update posts.

Currently, the latest install of NIS and the Online tool are both borked, such that the NIS windows won't even appear when you try to scan or update, and the Online tool window just vanishes midscan. 

I don't believe it's a case of the install for NIS being "bad" at this point, as the quick scan option seems to work fine, and the menu system seems to be ok too, but the quick scan is just not catching anything important like a full scan might, and the quick scan definitions are 30 days old too since I can't update in the first place. It's more like the program is being intercepted and forcefully exited before it can catch the bugger

It's not throwing any errors, no log files, nothing.  

We're going to try to buy NIS here in the next couple hours and burn the Recovery Tool ISO. I'll then have my parents run that from CD bootup and go from there. A last ditch effort before I have to fly out there and get all ugly on it.

I'm really, *really* hopeing not to have to fly out there for many reasons, not the least of which are finances and the fact I have to have oral surgery next week due to a bone spur sticking out my gums. It'll take a while to heal enough such that the altitude changes won't screw me up, which means something like Jan before I can even consider it.

This machine of theirs is used for conducting business for the company they own (quotes, invoices, payroll, etc) so being down a month is rather bad. Here I thought that putting a pair of HD's in RAID mirror would stop most of the problems they would have in terms of computer failure and data loss. Too bad that is a moot point here. Here I thought that running nightly/weekly scans using 3-4 of the supposedly top rated antivirus and antispyware tools would catch these buggers. Too bad they missed this bug entirely. 

At this point I feel like the only security suite that might even have a shot at finding this bugger is indeed NIS (especially after it's fantastic display of finding things on my own archive drive) since all the other tools are coming up blank.

Anyway :) Be well, I'll post more if something changes;

--Dietche 

Thanks for the recap -- that should help both of us, and anyone else who jumps in as I've requested.

With the price of hardware these days it might be an idea for your parents to buy a good inexpensive desktop unit and use either it or the laptop as backup. Personally I'd prefer a desktop and its keyboard to a laptop for heavy use.

As they say, correctly, it's not if the hard drive fails, it's when ...

<< I don't believe it's a case of the install for NIS being "bad" at this point, as the quick scan option seems to work fine, and the menu system seems to be ok too, but the quick scan is just not catching anything important like a full scan might, and the quick scan definitions are 30 days old too since I can't update in the first place. >>

There's a whole bunch of individual things there all of which I've seen reported by people here at one time or another although I don't think I've seen quick scan OK full scan not -- did you try turning off checking inside compressed files? There have been reports of it running into a problem on a file inside and not exiting with an error report. Symantec point out it is not as dangerous as it might seem to turn this off since even with it off the files inside will be checked the moment one is accessed.