Avast has found Win32.VB-II [wrm] but no other scanner detects this. I tried VirusTotal, ewido, and virusscan.jotti Again, only Avast ID’s this Win32.VB-II. Is this a real threat or a false positive? It most likely came via the internet (MSN, email, music downloads, etc.) It is in F:\WINDOWS\system32\config\SecEvent.Evt as well as Music Match Jukebox Default.ddf Therefore, when I want to do a system restore checkpoint, it will get added to the restore file, too.

I searched the threads and found nothing about this worm. I also sent this information to Avast, but I couldn’t put the infected file in a zipped file, and I was not able to send it from the chest (an error occurred on the page, even after I clicked to download the active x to send the file). Does anyone have information regarding this? Thanks, Shari

Most probably a false positive…
Can you zip it and send to virus (at) avast.com again, but this time, be off-line (not connected to Internet), disable Standard Shield (or all providers), zip the file with a password (virus, for instance), make an email, attach the file and inform the password in the message body.
Turn on avast again. Connect and send the email. Thanks.

Thank you for your reply. I learned how to zip the file into a folder and send it. Now, I hope to learn how to deal with this problem, whether it is positively a virus/worm or a false positive.
I’ve been reading the threads, and there are similar problems, but no resolutions that I have found. All request more info. Thanks so much!

P.S. I had a subscription to Norton for years. I no longer use it. Avast! is much better!

I reread your reply. I use hotmail, and it did not seem possible to attach the file without being connected. Did the file get sent okay?

There are in two exclusion lists: one in program settings, for the on-demand scanning.
And other in Standard Shield settings, for the on-access protection (residents).
Maybe it could be a workaround until it’s repaired by avast team.

They should answer… Maybe Karel ;D

Welcome to the forums, slfroedge.

Be sure that Norton is completely uninstalled from your computer. None of the Norton/Symantec products will completely uninstall in the normal manner as they will leave behind files/registry entries that will foul any other av product from working correctly. >:(

Thanks. Norton is tough to uninstall. I get a msg. saying that I can’t ininstall Norton WMI Update because there is still a file on my system that requires it. Symantec’s help page only states that this could occur, but not how to find out where the file is hiding. I’ll try some more. Any suggestions?

I have found the folder which contains Norton Antivirus. Is it safe to delete it? I read somewhere that it may not be safe just to delete programs. I don’t know why so much of it was left behind on uninstall.
I did try to uninstall with CCleaner, but it could not take them off either.
If it is safe to delete registry entires for Norton, and delete the folder, then I can do that.
Please advise. Thanks.

Another link worth looking at, which is a program removal tool that can remove the remnants of a number of different Norton Programs:
Removing your Norton program using SymNRT

Run this tool and reboot. It may be advisable to uninstall avast, reboot and install again after the remnants of Norton are removed.

Thanks for the tips on Norton uninstall. I’ve learned a lot the past two days. Here’s a reply from Avast! regarding Win32:VB.II :

Hello,
thanks for a sample. It is our false allarm and will be corrected in next VPS update.
Regards Cernik

Thanks to everyone who offered help. I used your tips. At least I got my HD cleaned up and running more smoothly.

Glad we could help, a belated welcome to the forums.

It is nice to know that your HD is cleaner & running smoother.

Please come back often, learn more, and maybe help others.

Thanks for the warm welcome. I’ll help if I can, but I’m pretty new at this. My mistakes may prove to be my most valuable contributions! ;D

If your going to be sticking around for a while you might want to use this resized image for your avatar as we try to keep them at 100 X 100.

Thanks! I guess this is not the place to ask how you resized it? :-[

Do a Google search for … image resizer … OR … picture resizer … and you will get many results.

There are many imaging tools that can do the job, I just copied your image into IrfanView (freeware - non-commercial use) and resized it and saved the smaller file. I use IrfanView because it is good at file conversion, opening one file format and converting it to another format and it doesn’t loose much detail.

IrfanView is more of an image viewer and file converter but it has some basic editing functions http://www.irfanview.com/

Merci beaucoup! IRFANVIEW is very useful.

Your welcome, IrfanView is an excellent little tool, made even better by its cost ;D

Final note on Norton Uninstall-
Since my version was Internet Securtiy 2003, I had to use another uninstall tool, on the same site.

http://service1.symantec.com/SUPPORT/nip.nsf/docid/2001090510510636?Open&src=&docid=2001092114452606&nsf=nav.nsf&view=docid&dtype=&prod=&ver=&osv=&osv_lvl=&seg=

Thanks again for great help.