Virus Found /AntiVirus Help Needed

Discussion in 'Networking and Security' started by slowtrend, Feb 7, 2004.

  1. I have a current subscription to Norton Antivirus. I was having some problems with the software scanning. I have run the system scan on a regular basis these past two weeks, and supposedly it scans everything on my computer.

    I also ran Symantec's online scan, and I tried McAfee also, just to be sure. They found nothing, but I still had some doubts.

    Today I went to the following site:

    http://www.ravantivirus.com/

    and I ran their free online scan.

    Sure enough, the scan found three viruses!

    Scan started at 2/7/2004 2:47:31 PM

    Scanning memory...
    c:\WINDOWS\Application Data\Identities\{A05D3AC6-1927-4C44-8836-93FE2011B11F}\Microsoft\Outlook Express\Inbox.dbx->Message.497: (Admin [Abort Letter])->(part0000:)->(IFRAME0000) - HTML/IFrame_Exploit* -> Infected

    c:\WINDOWS\Application Data\Identities\{A05D3AC6-1927-4C44-8836-93FE2011B11F}\Microsoft\Outlook Express\Inbox.dbx->Message.497: (Admin [Abort Letter])->(part0001:erhjwzw.exe) - Win32/Swen.A@mm -> Infected

    c:\My Documents\My Received Files\alegale mix.exe->(UPXW) - Joke:Win32/Train -> Infected

    Scanned
    ============================
    Objects: 57437
    Directories: 6951
    Archives: 6800
    Size(Kb): -1471036
    Infected files: 3

    **

    I'm pretty disgusted that I'm paying for Symantec and it didn't find the viruses.

    What should I do besides complain to them? Can the above viruses disable the Norton AntiVirus, or hinder its scanning?

    This is a dumb question, but how do I search in the Outlook Express inbox to find a numbered message, message.497, according to the virus scan? Is that what I need to do? Any suggestions?

    I might go with this newer virus program, http://www.ravantivirus.com/

    Does anyone have any other recommendations for antivirus help?

    Thanks for your help.
     
  2. MrDinky

    MrDinky

    Thanks for the link - I also have NAV and it's disappointing to hear what you're going through. I'm running a scan in the background right now - doesn't hurt to be safe. I don't know if I'd get the software though considering they were just acquired by Microsoft. That'll bring them to mediocrity in no time.

    In answer to your question, did you check off the 'autoclean' option while you were running the scanner? Perhaps it'll fix those three viruses it located.

    :cool:
     
  3. Bob111

    Bob111

    almost all symatec stuff is piece of crap. specially 2004 with new registration process. leave them alone and let them die.
    systemwork f**d up my computer couple times,now you can only install it on one computer and no matter what happends-no more than 5 times..
     
  4. I would like to isolate the emails to see where they have come from. My problem is my inbox is stuffed. :D But if I can't do that I will go back and run the AutoClean on their site.

    I'm not impressed with Symantec, that is for sure. And knowing RAV was acquired by Microsoft is disappointing too.

    Is there any chance the exploit virus is sending out info from my computer? I don't know and it does concern me.
    I had a major disaster with PayPal fraud the first week of January. And I mean major. It is all resolved now. I was told by PayPal it was someone logging in as me, but no one has all of my info to do that. And it didn't make sense that someone would use PayPal if they had my CC and info. You get an email notification within seconds after a PayPal transaction. Anyone with my CC info could have charged it anywhere online and then I would have waited for the bill to come. They would have been long gone before I got my CC bill.

    Regards.
     
  5. if it is a Spyware it might go undetected by many anti-virus programs . It would not surprise me, well I am really not knowledgeable but I got some nasty stuff not long ago and now I think everything is possible.
     
  6. MrDinky

    MrDinky

    While it is *possible* a virus via a keylogger trojan would be able to record your keystrokes and possibly your login information as you visit the site, it's highly unlikely that's how your information was acquired. More than likely it was simply lax security on the part of Paypal.

    http://www.paypalsucks.com

    You are not alone.


    I've been happy with Norton products (exception being the firewall.) The NAV is not perfect, but none really are. It's pretty unobtrusive and it doesn't hog resources either. This site rates the different virus scanners based on how well they detect the ones currently in the wild. You'll see they all fail at one time or another.

    http://www.virusbtn.com/vb100/

    Try doing a web search on the names of those three viruses and see what problems they cause.

    :cool:
     
  7. B1010

    B1010

    My computer also was having some problems like excessive pop ups and freezing up. I had Norton 2004 but the Scan found nothing. I eventually found out it was Spyware which was causing my problems. Norton and other anti-virus software usually can't detect it. I guess technically spyware isn't a virus. I ended using this particular software to get rid of it (below). What you can do is run a free scan then if have excessive spyware on your system you can buy the removal software which you can use to scan your system whenever you like. This one worked for me.

    http://www.enigmasoftwaregroup.com
     
  8. MrDinky

    MrDinky


    Scratch that - I looked them up for you, ironically on Symantec.


    http://securityresponse.symantec.com/avcenter/venc/data/iframe.exploit.html

    http://securityresponse.symantec.com/avcenter/venc/data/w32.swen.a@mm.html

    http://securityresponse.symantec.com/avcenter/venc/data/joke.train.html

    :cool:
     
  9. rwk

    rwk

    I am not a virus expert, but I have heard that some viruses target virus-detection software, and try to disable it.

    I use NAV, and I have had no problems with it. It has intercepted at least a dozen emails containing viruses. I don't believe I have ever been infected.
     
  10. I sincerely appreciate the great links and help you have all provided. I had no idea that PayPal had so many complaints against it. I have run Spybot Search and Destroy and Adaware in the past. It found some minor things. I will check out the new one.

    My tech support skills are on the low end. I let the computer get all screwed up over a period of years and then get another one.

    I will check out the rest of the links and follow through.

    Regards.
     
    #10     Feb 7, 2004