Norton power eraser

Norton Security / Norton Internet Security /
1

After running the power eraser to correct ERROR 8504, 104 on my Dell VOSTRO 1500 laptop, I could no longer connect to the Internet via a router and then DSL Modem.  A desktop connected to the same router and Modem had no trouble connecting to Internet.

2

Hi Hugh!

 

It´s like 140 bucks. I contacted phonesupport after i turned to chatsupport. I dont think they were scammers. But i was surprised they couldn´t be of assistance. 

Altough 140 bucks feels like a scam in that sense ;)

 

My ID: 19.2.0.10

 

Have had a lot of trouble lately both with my mobile internet connection and the anonymus service i use.

I suspect i´ve got something that Norton can´t detect so i went ahead and tried NPE.

 

I thought it to be really strange that it couldn´t do a root kit scan. But perhaps it´s noting (?)

Another strange thing, besides being disconnected, is that i found a file in my thrascan i deleted a week ago. It was suddenly in the trashbin for no reason whatso ever???

 

Dunno if that´s a indicator for infection but it ranks pretty high up in absurdity.

 

/Den

3

If something is interfering with the scan, try the Norton Bootable Recovery tool.

It has power eraser on it as well as an offline scanner.

http://security.symantec.com/nbrt/overview.aspx

 

You will need your serial number to be able to use the disk, have it on a piece of paper or something before booting to the CD.

Dave

 

 

4

I recommend that on a clean computer, you download Microsoft's System Sweeper. Don't worry about it being in Beta. It is the same program that has been available to their corporate customers for some time now. The only thing that seems new is the way the bootable media is built and the fact that it does not come with the other tools that come with the corporate version. You can either make a bootable UFD (USB flash Drive) or bootable CD. Make sure you get the version that matches the infected or (32-bit or 64-bit).

5

Thanks Denner, for the additional background -- probably the right order of magnitude and as long as you made the first move!

 

I think, understandably, they have to work on the principle that so many people are careless about where they go on the internet (I don't' mean you <g>) that there's no way they could give a free cleanup service just because one paid a few bucks for the product.

 

The greatest danger to your computer lies between the left ear and the right ear of the user ....

 

You're in good hands now ...

6

Thank´s all!!

 

Dave,

 

I don´t have a discdrive within my laptop (Acer aspire 1810 TZ). Whats next for me at this point?

Bootable usb? Why is it necessary to boot ? Or has i misunderstood.  My "swenglish" leaves me pondering at all the terminology here :P

 

/Den

 

 

7

Not a problem if U don't have a CD\DVD can use a USB drive to create a NBRT scan device.When

Using NBRT wizard(U can launch the wizard from Norton program in start menu),select USB drive.U can also update virus definitions of Norton Bootable Recovery Tool on the USB Key.One important thing to mention,when you use a USB drive,

the USB device is reformatted by NBRT.so make sure you take a back up of all data from that drive.

Once the drive is created,boot the system using the USB disk you created and run a full system scan.

Regarding "Why is it necessary to boot ", that because Norton Bootable Recovery Tool will be performing a virus scan

in the Windows preinstallation environment.which means it will unrestricted access to the drive and data stored ,which may not be possible when a regular virus scan is run.

Before you try this,have U tried running a full system scan in safe mode with your installed Norton program ?

Just because you are unable to run rootkit scan from power eraser does not mean there can a virus\rootkits in the system.this can happen because of lots of other factors.

8

Will do a full scan in safe mode.

Will return if needed with questions about the usb drive.

 

Thanks!

 

/Den

9

 

I did a normal scan during safemode and Norton found a couple of infections. I was hoping you guys could give me some advice on this. I took some screenshots of the results (jpg) wich isn´t the right format to attach here i found out. I thought perhaps pictures would speak for itself.

 

Could it be false positives? Or a virus that copies itself?

In that regard i didn´t dare erasing the "452ef.msi" file, thinking it could do damage to my OS.

Also Norton found my ISP mobile internet software (tele2connectsetup)  to contain virus. Seemed strange to me.

(I erased all threats except the "452ef.msi".)

 

Norton detected "heuristic virus" in the compressed "Data1.cab" file (I ´ve chosen to include scanning of compressed files in Norton options)

 

A while back Norton also found what it tought to be a virus in one of my rarlabs files, the "rarext32.dll". Because this is a compressed file it made me think this could be a false positive aswell (?)

 

Where do i go from here?

 

 

/Den

10

Hi guys!

 

I´m having a difficult time doing a scan when including a root kit scan on my win 7 64-bit laptop with Norton power eraser.

I have Norton internet security 2012.

The NPE program fileversion is 2.1.0.12.

 

All my computer does basically is restarting without scanning.

Whats up with that? Got me kinda suspicious.

 

Also in chatsupport they hinted that this problem could in fact indicate that i´m infected.

They recommended me to have a virus removal support done

cost 999SEK (swedish crowns)

I figure i post my question here first. Couldn´t find any similar probs in the forum either.

 

Greatful for som answers on this.

 

Regards

/Den

11

From what I have seen, a rootkit/bootkit has some pretty noticeable symptoms.  If Norton is working properly, you have access to security sites, you are able to download and install a series of security applications, it would not appear likely that you have a malware problem.  Norton also identifies TDL3/4 and provides a warning that manual assistance is required to remove it, as well as identifying the Zeroaccess rootkit as Tidserv Activity 2.

 

Norton Power Eraser is not a suitable tool for a second opinion scanner.  It is very aggressive and as a result, much more likely to throw false positives, which is what I believe it has found on your machine. 

 

Norton has also been finding .msi files as suspicious when scanning in safe mode.  This is a known issue on on the NIS/NAV forum and is more likely to occur when the scan settings are set to aggressive.

 

Regarding the screenshot. the .jpeg is an accepted file format, but the image has to be inserted using the little green tree icon in the reply editor.  It can't be attached. .  It would still be useful if you could insert that image for us.  It will take some time for a Mod to approve it before we can see it.

12

Hi delphinium!

 

I did a scan with Norton AV, not NPE, in safemode. It seems strange to me that it would find false positives while in safemode and not during the regular scan.

Why did a file i deleted a week before suddenly reappear in my trashbin?

 

 

Here´s the pics.

It´s in Swedish language but i hope it´s not a problem :)

 

 

 

data1 cab.jpg452ef.jpg452ef.jpg

Irarext32.jpg

/Den

13

All of the Norton products are objecting to compressed files when the scan is run in safe mode for some reason.  Symantec is looking into it.

 

It should not reappear in the trashbin.  Files can reappear if you delete a minor file that a program needs.  The program will rebuild it.  If that happened the file would be back where you deleted it from.  If it is in the trashbin, I would have to wonder if you forgot to empty the trashbin after deleting the file.

 

Superantispyware makes a portable USB scanner, as well as a regular free version,  that you could use as a second opinion scan.  Most of us use Malwarebytes free version as an on demand scanner.  I would suggest that you start with one of those to see if there are any malicious files on your machine before going to the more advanced, and therefore more dangerous tools. 

 

http://www.filehippo.com/download_malwarebytes_anti_malware/

 

www.superantispyware.com

http://www.superantispyware.com/portablescanner.html

14

Heuristic virus? In compressed archives? ...
I think it's a fault by of one of Symantec scanning engines. Because the viruses in compressed archives are harmless. Believe me. Because in order to get infected you will need to do 2 basic things:
1. Extract potentially viral file from archive.
2. Execute that file.

 

When you will perform step 1, Auto-Protect will scan a particular file by "Standard file signatures set" and if it will be recognized as malicious/viral it will be deleted immediately by Auto-Protect.

When you will perform step 2, SONAR and Norton Insight will check that file using dozens of different criteria.

 

If you examine these 2 results then you will understand that chance of getting infected is really small.

15

Thank u guys!

 

So all in all i´ve never been infected in the first place, but fooled due to an "over sensitive" symantec engine?

Will do a scan with complementing program such as Malwarebytes or Superantispyware.

 

I´m still weary about the file i deleted tough. It was an imagefile that i´m confident i deleted properly a week before(i use CC cleaner every time i´ve been using my computer). Perhaps this is just one of those universal mysteries that one goes on pondering about.

 

I am currently renting a room in a house wich provides internet. I was thinking of the safety aspect of using this connection. (my land lord is one fishy dude)  They´ve got this internal sharing..thingy with win7 and i honestly dont know if ivé been a part of this unknowingly. The guy got this routers and sharinghubs and all sort of stuff idon´t know much about.

 

Should i be concerned about it?

 

/Den