hermosatrout
IS-IT--Management
Could a virus prevent Anti-Virus from running? ie NAV Auto-protect won't run in background.
Also, An infected file keeps coming back after I delete it.
I posted this to Norton but they don't answer any of the mail. Maybe someone can help me sort this out...
Reply to this issue| Ask a question about a different topic| View all messages
Author: larry t
Date: 10:50 PM, Aug 27 PDT
Subject: the file keeps re-generating after deletion
Product: Norton AntiVirus 2001 7.0 for Windows 95/98/Me/NT/2000
Supported operating system: Windows 95/98/Me
Name of the virus, trojan, or worm: backdoor.trojan
Name and location of the infected files: c:\windows\XPZHW.EXE
Dear Norton anti-VIRUS support:
Please help with this possible Virus problem.
PC system: compaqpresario7478/533mhz/64Mram/win98SE/OutlookE5.5
Series of events:
1. Jul28 a cablemodem and nic was installed by the cable co.
2. July29 windows wnt bezerk. I reloaded win98SE from CD.
3. Sometime afterwards I noticed that neither Norton nor Mcafee were running in the toolbar.
4. Aug25 I installed Norton antivirus2001. I spent hours unsuccessful to get Outlook Express to work with the mail proxy so I uninstalled Norton AV.
5. Aug26 I download Mcafee5.21 antivirus. The email autoprotect and download autoprotect would not load at startup. I uninstalled Mcafee antivirus.
6. Aug26 I again downloaded and installed Norton antivirus2001...
- The Norton autoprotect will not stay loaded from windows startup.
This line is in the System Configuration Utility "startup"
C:\Progra~1 Norton~1\ NAVAPW32 .EXE/LOADQUITE
- The Norton autoprotect will not load manually. It will not stay loaded by selecting it from the Norton "system status" window. The shield icon will appear in the toolbar for a couple of seconds and then disappears. I can do alt-ctr-del and confirm the program is not running. I can try to load over and over and same results.
7. I was able to do Norton full system virusscan and have found the infected file XPZHW.EXE (I have a quarantined copy) . Norton NAV could NOT quarantine the file because it was in use by windows. I rebooted to DOS and renamed the file. Then I rebooted to windows and then ran Norton full system scan again and then there were two infected files; the renamed file and a copy of the original. I rebooted to DOS several times and "del" deleted the file and every
time a new copy of the file appeared after windows reloaded.
8. The XPZHW.EXE file is listed twice in the System Configuration
Utility startup: "COM Services XPZHW.EXE".
9. When I go to start+run+regedit the "registry editor" window will not stay open. It disappears after two seconds.
10. In System Configuration Utility startup I notice:
"ScriptBlocking C:\Program Files\Common Files\Symantec
Shared\Script Blocking\SBServ.exe". Is this ok?
11. When win98 load and shut down I get this pop-up message:
"Windows Will Now Adjust The Network Settings To Your Needs, OK?"
Besides the virus file that keeps re-generating, seems like a lot of strange things happening.
Please help!!!
rgds/Larry T
Also, An infected file keeps coming back after I delete it.
I posted this to Norton but they don't answer any of the mail. Maybe someone can help me sort this out...
Reply to this issue| Ask a question about a different topic| View all messages
Author: larry t
Date: 10:50 PM, Aug 27 PDT
Subject: the file keeps re-generating after deletion
Product: Norton AntiVirus 2001 7.0 for Windows 95/98/Me/NT/2000
Supported operating system: Windows 95/98/Me
Name of the virus, trojan, or worm: backdoor.trojan
Name and location of the infected files: c:\windows\XPZHW.EXE
Dear Norton anti-VIRUS support:
Please help with this possible Virus problem.
PC system: compaqpresario7478/533mhz/64Mram/win98SE/OutlookE5.5
Series of events:
1. Jul28 a cablemodem and nic was installed by the cable co.
2. July29 windows wnt bezerk. I reloaded win98SE from CD.
3. Sometime afterwards I noticed that neither Norton nor Mcafee were running in the toolbar.
4. Aug25 I installed Norton antivirus2001. I spent hours unsuccessful to get Outlook Express to work with the mail proxy so I uninstalled Norton AV.
5. Aug26 I download Mcafee5.21 antivirus. The email autoprotect and download autoprotect would not load at startup. I uninstalled Mcafee antivirus.
6. Aug26 I again downloaded and installed Norton antivirus2001...
- The Norton autoprotect will not stay loaded from windows startup.
This line is in the System Configuration Utility "startup"
C:\Progra~1 Norton~1\ NAVAPW32 .EXE/LOADQUITE
- The Norton autoprotect will not load manually. It will not stay loaded by selecting it from the Norton "system status" window. The shield icon will appear in the toolbar for a couple of seconds and then disappears. I can do alt-ctr-del and confirm the program is not running. I can try to load over and over and same results.
7. I was able to do Norton full system virusscan and have found the infected file XPZHW.EXE (I have a quarantined copy) . Norton NAV could NOT quarantine the file because it was in use by windows. I rebooted to DOS and renamed the file. Then I rebooted to windows and then ran Norton full system scan again and then there were two infected files; the renamed file and a copy of the original. I rebooted to DOS several times and "del" deleted the file and every
time a new copy of the file appeared after windows reloaded.
8. The XPZHW.EXE file is listed twice in the System Configuration
Utility startup: "COM Services XPZHW.EXE".
9. When I go to start+run+regedit the "registry editor" window will not stay open. It disappears after two seconds.
10. In System Configuration Utility startup I notice:
"ScriptBlocking C:\Program Files\Common Files\Symantec
Shared\Script Blocking\SBServ.exe". Is this ok?
11. When win98 load and shut down I get this pop-up message:
"Windows Will Now Adjust The Network Settings To Your Needs, OK?"
Besides the virus file that keeps re-generating, seems like a lot of strange things happening.
Please help!!!
rgds/Larry T