joval2003
asked on
Norton Firewall Security gets disabled?
I have MS-XP and am on a small local network, all machines are running Norton AV and Firewall. Mine is the only one running XP and the other 3 are running WinME. About every day I am noticing that my Norton Firewall system tray icon shows an exclaimation point. When I open it, it says that the security feature is disabled. I can enable it and continue, but I'm concerned since I've been getting some virus, worm, and trojan attacks lately that the WinME machines are not (and their Norton is working flawlessly).
I have received Netsky, GaoBot.Zx and W32.IRCBot, and Norton seems to catch these and delete any files, but I'm concerned that something else is going on that Norton can't control. A couple of times it appeared that my machine was under control by a remote user when my printer started printing pages of ascii characters without my control. I wrote this off the first time as fluke, but after the 3rd time, along with daily-random disabling of my security feature has got me concerned.
A week ago, I ran the Norton security check and it did identify some "open port" vulnerabilities. I've installed all recommended patches and latest updates from Microsoft Windows update and this closed all of the open ports, so I figured I was good to go. However, just today, I received the W32.IRCBot trojan notice which it said caught and deleted. I decided to run the Norton Firewall Security check again and guess what, all vulnerabilities are back - open ports!!
How do I keep Norton security from being disabled?
Also, if I've installed all known XP patches, is there anything else I can do to prevent this suspicious activity from continuing?
Thanks,
Joval2003
I have received Netsky, GaoBot.Zx and W32.IRCBot, and Norton seems to catch these and delete any files, but I'm concerned that something else is going on that Norton can't control. A couple of times it appeared that my machine was under control by a remote user when my printer started printing pages of ascii characters without my control. I wrote this off the first time as fluke, but after the 3rd time, along with daily-random disabling of my security feature has got me concerned.
A week ago, I ran the Norton security check and it did identify some "open port" vulnerabilities. I've installed all recommended patches and latest updates from Microsoft Windows update and this closed all of the open ports, so I figured I was good to go. However, just today, I received the W32.IRCBot trojan notice which it said caught and deleted. I decided to run the Norton Firewall Security check again and guess what, all vulnerabilities are back - open ports!!
How do I keep Norton security from being disabled?
Also, if I've installed all known XP patches, is there anything else I can do to prevent this suspicious activity from continuing?
Thanks,
Joval2003
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Also, please post the Hijack This log here after you have downloaded it. Be sure to run NAV and all anti-spyware/adware tools listed above in safe mode as well as in regular mode.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.