Unable to remove this spreading threat - infected

I think you were testing a keygen and not a new malware... hehe

Naw 2009 is not lousy. It successfully detected 99% of 2.3 million malware samples, in the top of the pack.

 

I would use Prevex CSI to sort out this issue. 

 

Also, make sure that the cracks are actually working cracks =). 

 

Oftentimes cracks/serials/keygens are not malicious; instead, the majority of them are flagged by more heuristic-oriented antivirus software as generic droppers, because they replace/modify/delete files of a program in order to crack it.

what makes you think he'd do those sorts of things like cracks and keygens..lol !

I'm noticing minimal response from Norton, which concerns me. I am not savvy on all this, but I'm wondering if they are saying that it was not detected by Norton products because it was not "obtained" in a natural way that us uneducated users would pick it up on our machines.

 

Where did the customer pick this up from?

Hello all,

 

The submissions to Symantec Security Response are in queue for review. They should be reviewed shortly and have a definition added for them.

Thanks Tim

 

I'll wait for a reply from SSR.

 

Cheers

Detection has been added for these files as Trojan.Pandex.

 

JohnM

Symantec

And some as Backdoor.Tidserv.

 

JM

So… why can't Norton fight it? Some other AV can still partially fight it… I really have my doubts about Norton now… yes, Norton is fast… but… you know.

Message Edited by tanmx on 11-05-2008 11:36 PM
Message Edited by tanmx on 11-05-2008 11:38 PM

John M just said the files have been added so now Norton will find and detect them. No antivirus can find everything tanmx.

Message Edited by Dieselman743 on 11-05-2008 11:41 PM

Hi all

 

Finally figured out how to remove this one.

 

The scanners and repair tools aren't designed to address issues with the router caused by the infection. What this and similar viruses do is scan for routers without passwords, or very weak passwords, then plant their corruptions in it.

 

The solution was to reset the router, then flush the DNS.

 

Norton has now released definitions for this particular virus, however in their removal instructions the router disinfection is not mentioned. I'm going to bring this to the attention of SSR.

 

Thanks to all who participated in the thread!