Hi!

I use Norton Anti Virus 18.6.0.29 licenced version with up-to-date virus signatures.

I conduct full scans once a week. The most recent one being today.

Nothing was detected.

However, there was a suspicion that there was some virus on the system and so I downloaded and installed Microsoft Essentials and after updating virus signatures I ran a full scan. This anti-virus software detected the following on my PC:

Worm: Win32/Autorun.WZ that had infected

file:C:\Users\new user\new user1\winlogon.exe and

file:C:\Users\new user\new user1\winlogon.exe

process:pid:4544

regkey:HKCU@S-1-5-21-1039462814-2718232319-2291008138-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\NVIDIA Media Center Library

runkey:HKCU@S-1-5-21-1039462814-2718232319-2291008138-1000\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\\NVIDIA Media Center Library

The anti-virus also indicated that alert was severe and removed the worm from all files listed above.

How come Norton failed to detect this worm and the infections?

I then ran Microsoft Essentials  on my laptop that also uses latest version of Norton Anti Virus with updated virus signatures and once again it detected the same worm that Norton had failed to detect.

Is this a problem with Norton or Microsoft Essentials or my PC/Laptop?

Please advise ASAP.

Thanks.

Rajan Medhekar

Hello medhekar

Welcome to the Norton Community Forum

When you ran Microsoft Essentials, did you first thoroughly remove NAV 2011? If you did not, then you were running 2 real time antivirus programs at the same time. This may lead to a false positivie also. Another point is that not every security program will be 100 % successful in catching every piece of malware. If you want to get a 2nd opinion, then it is recommended that you run the free versions of Malwarebytes and/or the free version of SuperAntiSpyware. These products will not interfere with NAV2011.

Download the free version, install and update then run a FULL scan. After the scan completes you should post the logs back to this thread.

You can find Malwarebytes here

http://www.filehippo.com/download_malwarebytes_anti_malware/

It is a safer location to get the program from than malwarebytes themselves because some malware creators have large lists of sites that they block. Please be careful to down load the correct program ----the FREE version of MALWAREBYTES

(Thanks to Delph for providing the alternative site)

Here is a free on demand antimalware scanner. It is safe to use on demand with your Norton product.


http://www.superantispyware.com/

Here is another site you can use to get the program.

http://www.filehippo.com/download_superantispyware/

The download button is on the right hand side. Please be careful not to download Spyware Doctor which is on the left side. Also, please don't forget to update the program each time before use of it. In fact you can update it every day just in case some malware may prevent you from updating it.

With a current subscription of NAV 2011, you are also entitled to a free upgrade to NAV 2012. Here is the link for it for the English version of the product.

Link forNAV 2012

www.norton.com/nav12 (Norton AntiVirus 2012)


Please remember to run live update to get all updates and then reboot once more. Thanks.

(thanks to Yaso for the links.

Please come back and let us know how you made out. Thanks.

Hello Medhekar, 

We never recomend installing two security software side by side. Like has already posted before you should use a stand alone scanner if you want to double check. We also have the Norton Prower Easer tool which is free and can be downloaded here: http://us.norton.com/support/DIY/?inid=us_hho_support_tovnav3_spyware&virusremoval&product=Norton%20Internet%20Security&version=19.1.0.28&layout=Retail&partner=&ispid=&sitename=&actstat=activated&substatus=current&ncoap=1

Hi!

No, I didn't install two anti-virus software side by side. It was only when it was felt that there is some virus in the system that was not being detected by Norton that I tried Microsoft Essentials. What happened was that a new flash drive used on my PC when passed on to a colleague who had a different anti-virus software on his PC detected an infection that I felt I should re-check my PC. I ran a full check with Norton after updating the virus signatures but it did not detect the infection. That's when I tried Microsoft Essentials and it found the infection I have reported.

The question is: How positive can I be that the detection of the virus was a "false positive" ?

Now, on the advice of another who was first  to post a reply to my initial query I have removed Microsoft Essentials, installed the stand-alone anti-virus software he has suggested and am using it for a second opinion.

Rajan Medhekar

---

medhekar wrote:

Hi!

 

No, I didn't install two anti-virus software side by side. It was only when it was felt that there is some virus in the system that was not being detected by Norton that I tried Microsoft Essentials. What happened was that a new flash drive used on my PC when passed on to a colleague who had a different anti-virus software on his PC detected an infection that I felt I should re-check my PC. I ran a full check with Norton after updating the virus signatures but it did not detect the infection. That's when I tried Microsoft Essentials and it found the infection I have reported.

The question is: How positive can I be that the detection of the virus was a "false positive" ?

 

Now, on the advice of another who was first  to post a reply to my initial query I have removed Microsoft Essentials, installed the stand-alone anti-virus software he has suggested and am using it for a second opinion.

 

Rajan Medhekar

---

It sounds like from your post that the other anti-virus software removed what it thought was a worm from your computer. What you can do is run a full system scan with NIS then run anther scan with one of the stand alone scanners after updating it. If those two thing tell you that you have no threats on your computer then I would say the chances of you being infected with malware are very very small.