virus find Norton, Avast not

Avast Free Antivirus / Premium Security
1

Dear friends,

I have instaled Avast and from time ago have instaled Norton security scan. Today, Norton SS find on my computer 3 viruse:

  1. Bat.Silly.B.gen
  2. W32.Rontokbro@mm
  3. Infostealer.Wowcraft

I try scan with Avast, but he not find any of them. Why? How can I clean this viruses? Norton find infected registry file, how this clean?

Why can’t to see virus list in Avast?

Which antivirus software may work with Avast? NOD32, Norton Antivirus or some other software. Once, I install ZoneAlarm, but not work, both have in conflict.

Thank you very much, happy Christmas!

2

Does it show the name and path of the infected files?

Not a software is perfect.
Or, in other hand, could be Norton false positive, just trying to ‘force’ you to buy their full version with a false protection sensation…

I won’t do anything without further info (name and path of the files).
But if you want to do something, you can use Norton to clean them… I suppose.

There isn’t an international convention for virus names. It could have a different name on avast.
Or, avast could have missed this one and need to improve its detection.

If you want a ‘second’ opinion you could have free BitDefender installed side by side with avast.
Other antivirus, resident ones, will have problems and conflicts.

3

Thank you for replay.

I don’t want to replace Avast with another software, but Avast may to bee a better software. As I have more problem with ZoneAlarm and Avast, I haven’t Norton’s software, only free program to scan computer and this is not in conflict with Avast.

Norton show full path for all virus which he find:

c:\windows\minidump\mini111506-02.dmpInfection:

e:\arhiva\games\games old\solitaire3\crack.vexe
File:
c:\documents and settings\frog&cat\local settings\temp~df10a1.tmp
c:\documents and settings\frog&cat\local settings\temp~df4244.tmp
c:\documents and settings\frog&cat\local settings\temp~df4865.tmp
c:\documents and settings\frog&cat\local settings\temp~df62ea.tmp
c:\documents and settings\frog&cat\local settings\temp~df75eb.tmp
c:\documents and settings\frog&cat\local settings\temp~df7905.tmp
c:\documents and settings\frog&cat\local settings\temp~df849c.tmp
c:\documents and settings\frog&cat\local settings\temp~df9037.tmp
c:\documents and settings\frog&cat\local settings\temp~df9c04.tmp
c:\documents and settings\frog&cat\local settings\temp~dfcdc5.tmp
c:\documents and settings\frog&cat\local settings\temp~dfd8d6.tmp
c:\documents and settings\frog&cat\local settings\temp~dfdb8.tmp
c:\documents and settings\frog&cat\local settings\temp~dff6d.tmp
Registry:
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run->Bron-Spizaetus
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
HKEY_LOCAL_MACHINE\SOFTWARE\COMON
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus-3444
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus-3444
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus-3444
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus-3444
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run->Bron-Spizaetus-clilltqx
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\software\brontok
HKEY_USERS\S-1-5-19\software\brontok
HKEY_USERS\S-1-5-20\software\brontok
HKEY_USERS.DEFAULT\software\brontok
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore->DisableSR:0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion->Shell:Explorer.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot->AlternateShell:cmd.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ialm\Device0->HardwareInformation.Crc32:…
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule->NextAtJobId:1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr->Start:0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\Parameters->FirstRun:0
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->HideFileExt:0
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->HideFileExt:0
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->HideFileExt:0
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->HideFileExt:0
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:0
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:0
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:0
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:0
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoFolderOptions:0
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoFolderOptions:0
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoFolderOptions:0
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoFolderOptions:0
Browser Cache

E:\Arhiva\Stalni\Nullsoft.Winamp.PRO.v5.25.FULL\W_5.31_Pro.rar

Thank you

4

Are you using avast at the same time in the same computer with Norton?

Probably a false positive.

Strange files ;), but probably infected. Cracked versions…

Clean your temporary files…

5

Happy New 2008 yrs. all!

Thank you, but what with other line in Registry file? How can this I clean because this is so hard, and sensibility.

Other notification in Temporary folder is not problem.

Thanks!

6

Use SUPERantispyware. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.