12-20-2010 12:52 PM
12-20-2010 12:53 PM
What is it and what can I do to stop it.
12-20-2010 03:59 PM
What product you use? Is it Symantec Antivirus 8?
12-21-2010 07:38 AM
Sounds like a fake AV product has infected your system.
If you are using SEP or SAV, I would start with downloading the latest Rapid Release definitions.
If using any other AV, make sure you have the latest definitions as well.
One you have the new defs, boot into safe mode and running a Disk Cleanup (right-click the C drive, Properties, Disk Cleanup) - that will delete all the files that are in these temporary locations, as well as IE's temporary files, etc. Perform a full system scan in safe mode.
If that fails to detect and remove the threats,
there are useful some tools that are provided by Symantec for help with finding those hard to detect threats.
1. The Power Eraser Tool eliminates deeply embedded and difficult to remove threats that traditional virus scanning doesn't always detect.
2. The SERT (Symantec Endpoint Recovery Tool)is useful in situations where computers are too heavily infected for the Symantec Endpoint Protection client installed upon them to clean effectively.
3. The Load point Analysis Tool generates a detailed report of the programs loaded on your system. It is helpful in listing common loadpoints where threats can live.
Rapid Release Virus Definitions –
http://www.symantec.com/business/security_response/definitions/download/detail.jsp?gid=rr
Power Eraser tool –
http://security.symantec.com/nbrt/npe.asp?lcid=1033&origin=default
How To Use the Symantec Endpoint Recovery Tool with the Latest Virus Definitions –http://www.symantec.com/business/support/index?page=content&id=TECH131732&locale=en_US
Support Tool with Power Eraser Tool included –
http://www.symantec.com/business/support/index?page=content&id=TECH105414&locale=en_US
How to use the Load Point Analysis within the Symantec Support Tool to help locate suspicious files http://www.symantec.com/business/support/index?page=content&id=TECH141402
If you are unable to remove the threat(s) from your systems, please submit the suspected files to Symantec or ThreatExpert for analysis. New signatures will be created and included in future definition sets for detection.
http://www.symantec.com/business/security_response/submitsamples.jsp
http://www.threatexpert.com/submit.aspx
Good luck,
Thomas
12-22-2010 04:58 AM
Please see this link on how to remove:
http://www.bleepingcomputer.com/virus-removal/remove-antivirus8
01-04-2011 03:22 AM
Will the AV8SCAN disinfection/removal advice also work with Norton Security Suite? I'm running the Norton comprehensive scan at the moment, the rest seems a bit out of my league.
01-04-2011 04:49 AM
Yes, it should. The removal is not dependent/related to NSS so it should work fine.