After IS gave me a "no threats found", all of the threats listed in the ASO scan below was still on my PC: Just a small sample of what Norton IS missed. Had me down for 3 days. Yes, updated definitions before the san, all the "protection" was on and I scanned right before this scan by ASO Why did Norton miss ALL these threats and many others I had to use other working software to finally get my systems back up and running????
Norton:
Category: Scan Results Date & Time,Risk,Activity,Status,Task Name,Scan Time (d:h:m:s),Total items scanned,Files & Directories,Registry Entries,Processes & Start-Up Items,Network & Browser Items,Other,Trusted Files,Skipped Files,Total Security Risks Detected,Total Security Risks Resolved,Total Security Risks Requiring Attention,Heuristic Virus,Heuristic Virus Resolved 9/10/2011 11:38 AM,Info,Idle Quick Scan results, Completed,Idle Quick Scan, 0:00:05:54,"6,351","1,220",462,"4,094",28,547,0,0,0,0,0,,
ASO SCAN:
Scan Log Total Time: 169 Mins 22 Secs Start Time: Sep 10, 2011 at 08:45:09 AM End Time: Sep 10, 2011 at 11:34:31 AM RogueProgram.MS-Antispyware-2009 (Rogue Antispyware Program) Status : Quarantined Infected registry keys/values detected hkey_current_user\software\microsoft\windows\currentversion\drivers hkey_current_user\software\microsoft\windows\currentversion\drivers\video hkey_current_user\software\microsoft\windows\currentversion\drivers\video\options -------------------------------------------------------------------------------- RogueProgram.WinAntiVirus-Pro-2006 (Rogue Antispyware Program) Status : Quarantined Infected registry keys/values detected hkey_classes_root\*\shellex\contextmenuhandlers\shellextension hkey_classes_root\directory\shellex\contextmenuhandlers\shellextension hkey_classes_root\drive\shellex\contextmenuhandlers\shellextension hkey_local_machine\software\classes\*\shellex\contextmenuhandlers\shellextension hkey_local_machine\software\classes\directory\shellex\contextmenuhandlers\shellextension hkey_local_machine\software\classes\drive\shellex\contextmenuhandlers\shellextension -------------------------------------------------------------------------------- Malware.goldun (Generic Malware ) Status : Quarantined Infected registry keys/values detected hkey_local_machine\software\microsoft\windows nt\currentversion\windows\requiresignedappinit_dlls -------------------------------------------------------------------------------- Malware.hatob (Generic Malware ) Status : Quarantined Infected registry keys/values detected hkey_local_machine\software\policies\microsoft\windows nt\windows file protection\sfcdisable -------------------------------------------------------------------------------- Trojan.swisyn (Trojan) Status : Quarantined Infected registry keys/values detected hkey_local_machine\system\currentcontrolset\services\catchme hkey_local_machine\system\currentcontrolset\services\catchme\type hkey_local_machine\system\currentcontrolset\services\catchme\errorcontrol hkey_local_machine\system\currentcontrolset\services\catchme\start hkey_local_machine\system\currentcontrolset\services\catchme\imagepath hkey_local_machine\system\currentcontrolset\services\catchme\group hkey_local_machine\system\currentcontrolset\services\catchme\enum hkey_local_machine\system\currentcontrolset\services\catchme\enum\0 hkey_local_machine\system\currentcontrolset\services\catchme\enum\count hkey_local_machine\system\currentcontrolset\services\catchme\enum\nextinstance -------------------------------------------------------------------------------- Malware (General Components) (Generic Malware ) Status : Quarantined Infected registry keys/values detected hkey_current_user\software\microsoft\security center\antivirusdisablenotify hkey_current_user\software\microsoft\security center\updatesdisablenotify hkey_current_user\software\wget -------------------------------------------------------------------------------- Trojan-Downloader.VB.ask (Trojan-Downloader) Status : Quarantined Infected files detected FileName: c:\system volume information\_restore{87925209-405c-42a6-8fee-9cf10cc35238}\rp2420\a0816046.com MD5: 92bd80f82fe8a28385b7d9d3f215e8b3 (73728 Bytes) Signature: FileName: c:\system volume information\_restore{87925209-405c-42a6-8fee-9cf10cc35238}\rp2420\a0816116.com MD5: 92bd80f82fe8a28385b7d9d3f215e8b3 (73728 Bytes) Signature: FileName: c:\system volume information\_restore{87925209-405c-42a6-8fee-9cf10cc35238}\rp2420\a0816896.com MD5: 92bd80f82fe8a28385b7d9d3f215e8b3 (73728 Bytes) Signature: FileName: c:\system volume information\_restore{87925209-405c-42a6-8fee-9cf10cc35238}\rp2421\a0817033.com MD5: 92bd80f82fe8a28385b7d9d3f215e8b3 (73728 Bytes) Signature: