virus find Norton, Avast not

system · 2007-12-21T17:03:26.000Z

Dear friends,

I have instaled Avast and from time ago have instaled Norton security scan. Today, Norton SS find on my computer 3 viruse:

Bat.Silly.B.gen
W32.Rontokbro@mm
Infostealer.Wowcraft

I try scan with Avast, but he not find any of them. Why? How can I clean this viruses? Norton find infected registry file, how this clean?

Why can’t to see virus list in Avast?

Which antivirus software may work with Avast? NOD32, Norton Antivirus or some other software. Once, I install ZoneAlarm, but not work, both have in conflict.

Thank you very much, happy Christmas!

Lisandro · 2007-12-21T17:27:27.000Z

FrogandCat post:1:

I have instaled Avast and from time ago have instaled Norton security scan. Today, Norton SS find on my computer 3 viruse:

Bat.Silly.B.gen

W32.Rontokbro@mm

Infostealer.Wowcraft

Does it show the name and path of the infected files?

FrogandCat post:1:

I try scan with Avast, but he not find any of them. Why?

Not a software is perfect.
Or, in other hand, could be Norton false positive, just trying to ‘force’ you to buy their full version with a false protection sensation…

FrogandCat post:1:

How can I clean this viruses? Norton find infected registry file, how this clean?

I won’t do anything without further info (name and path of the files).
But if you want to do something, you can use Norton to clean them… I suppose.

FrogandCat post:1:

Why can’t to see virus list in Avast?

There isn’t an international convention for virus names. It could have a different name on avast.
Or, avast could have missed this one and need to improve its detection.

FrogandCat post:1:

Which antivirus software may work with Avast? NOD32, Norton Antivirus or some other software. Once, I install ZoneAlarm, but not work, both have in conflict.

If you want a ‘second’ opinion you could have free BitDefender installed side by side with avast.
Other antivirus, resident ones, will have problems and conflicts.

system · 2007-12-24T18:57:57.000Z

Thank you for replay.

I don’t want to replace Avast with another software, but Avast may to bee a better software. As I have more problem with ZoneAlarm and Avast, I haven’t Norton’s software, only free program to scan computer and this is not in conflict with Avast.

Norton show full path for all virus which he find:

c:\windows\minidump\mini111506-02.dmpInfection:

e:\arhiva\games\games old\solitaire3\crack.vexe
File:
c:\documents and settings\frog&cat\local settings\temp~df10a1.tmp
c:\documents and settings\frog&cat\local settings\temp~df4244.tmp
c:\documents and settings\frog&cat\local settings\temp~df4865.tmp
c:\documents and settings\frog&cat\local settings\temp~df62ea.tmp
c:\documents and settings\frog&cat\local settings\temp~df75eb.tmp
c:\documents and settings\frog&cat\local settings\temp~df7905.tmp
c:\documents and settings\frog&cat\local settings\temp~df849c.tmp
c:\documents and settings\frog&cat\local settings\temp~df9037.tmp
c:\documents and settings\frog&cat\local settings\temp~df9c04.tmp
c:\documents and settings\frog&cat\local settings\temp~dfcdc5.tmp
c:\documents and settings\frog&cat\local settings\temp~dfd8d6.tmp
c:\documents and settings\frog&cat\local settings\temp~dfdb8.tmp
c:\documents and settings\frog&cat\local settings\temp~dff6d.tmp
Registry:
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\System
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run->Bron-Spizaetus
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats{602ADB0E-4AFF-4217-8AA1-95DAC4DFA408}
HKEY_LOCAL_MACHINE\SOFTWARE\COMON
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus-3444
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus-3444
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus-3444
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Run->Tok-Cirrhatus-3444
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run->Bron-Spizaetus-clilltqx
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\software\brontok
HKEY_USERS\S-1-5-19\software\brontok
HKEY_USERS\S-1-5-20\software\brontok
HKEY_USERS.DEFAULT\software\brontok
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore->DisableSR:0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion->Shell:Explorer.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot->AlternateShell:cmd.exe
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ialm\Device0->HardwareInformation.Crc32:…
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Schedule->NextAtJobId:1
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr->Start:0
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\sr\Parameters->FirstRun:0
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->Hidden:1
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->HideFileExt:0
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->HideFileExt:0
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->HideFileExt:0
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->HideFileExt:0
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:0
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:0
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:0
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced->ShowSuperHidden:0
HKEY_USERS\S-1-5-21-1417001333-448539723-725345543-1003\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoFolderOptions:0
HKEY_USERS\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoFolderOptions:0
HKEY_USERS\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoFolderOptions:0
HKEY_USERS.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer->NoFolderOptions:0
Browser Cache

E:\Arhiva\Stalni\Nullsoft.Winamp.PRO.v5.25.FULL\W_5.31_Pro.rar

Thank you

Lisandro · 2007-12-24T20:15:38.000Z

FrogandCat post:3:

As I have more problem with ZoneAlarm and Avast, I haven’t Norton’s software.
Norton show full path for all virus which he find

Are you using avast at the same time in the same computer with Norton?

FrogandCat post:3:

c:\windows\minidump\mini111506-02.dmpInfection:

Probably a false positive.

FrogandCat post:3:

e:\arhiva\games\games old\solitaire3\crack.vexe
E:\Arhiva\Stalni\Nullsoft.Winamp.PRO.v5.25.FULL\W_5.31_Pro.rar

Strange files ;), but probably infected. Cracked versions…

FrogandCat post:3:

c:\documents and settings\frog&cat\local settings\temp~df10a1.tmp
c:\documents and settings\frog&cat\local settings\temp~df4244.tmp
c:\documents and settings\frog&cat\local settings\temp~df4865.tmp
c:\documents and settings\frog&cat\local settings\temp~df62ea.tmp
c:\documents and settings\frog&cat\local settings\temp~df75eb.tmp
c:\documents and settings\frog&cat\local settings\temp~df7905.tmp
c:\documents and settings\frog&cat\local settings\temp~df849c.tmp
c:\documents and settings\frog&cat\local settings\temp~df9037.tmp
c:\documents and settings\frog&cat\local settings\temp~df9c04.tmp
c:\documents and settings\frog&cat\local settings\temp~dfcdc5.tmp
c:\documents and settings\frog&cat\local settings\temp~dfd8d6.tmp
c:\documents and settings\frog&cat\local settings\temp~dfdb8.tmp
c:\documents and settings\frog&cat\local settings\temp~dff6d.tmp

Clean your temporary files…

system · 2008-01-03T10:03:04.000Z

Happy New 2008 yrs. all!

Thank you, but what with other line in Registry file? How can this I clean because this is so hard, and sensibility.

Other notification in Temporary folder is not problem.

Thanks!

Lisandro · 2008-01-03T11:03:45.000Z

FrogandCat post:5:

Thank you, but what with other line in Registry file? How can this I clean because this is so hard, and sensibility.

Use SUPERantispyware. If any infection is detected, better and safer is send the file to Quarantine than to simple delete than.

Announcements