Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people, just like you, are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
Solved

Symantec Antivirus

Posted on 2006-06-13
13
615 Views
Last Modified: 2012-05-05
Could someone help me in this, I had this antivirus installed on my laptop and it was infected with virus. when i try to use to liveupdate, it prompt tat i need to get online to download the updates. i was already connected to the internet but liveupdate told me tat i wasnt connected to the internet. does anyone know how to solve this problem without having to format the whole thing which i am doing now. please advise, thank you.
0
Comment
Question by:otyew
  • 5
  • 4
  • 2
  • +2
13 Comments
 

Author Comment

by:otyew
ID: 16892490
and i suspect that the virus changed my registry which i think has disabled the liveupdate. does anyoen has any 'dictionary' on the registry? i mean registry listing n it's functions?
0
 
LVL 38

Expert Comment

by:younghv
ID: 16892592
otyew,
There are a few versions of malware out there that will 'hijack' your web browser and prevent you from going to anti-virus websites.
One way around that is to do a 'tracert' of the web site 'name' you want, and then type in the IP address in your browser bar.
For example, Symantec/Norton updates can be obtained at: 192.168.1.254

Good Luck
0
 
LVL 5

Assisted Solution

by:kevinf40
kevinf40 earned 20 total points
ID: 16893595
It would also be worth checking your hosts file as a common trick is to add settings to that so that AV software etc cannot connect to the web.

cheers

Kevin
0
Ransomware: The New Cyber Threat & How to Stop It

This infographic explains ransomware, type of malware that blocks access to your files or your systems and holds them hostage until a ransom is paid. It also examines the different types of ransomware and explains what you can do to thwart this sinister online threat.  

 
LVL 38

Expert Comment

by:younghv
ID: 16893649
I use this website (http://www.mvps.org/winhelp2002/hosts.htm) to replace the HOSTS file on every computer I repair.
Properly managing your HOSTS file should be a bedrock of security for every computer out there.

A side benefit is the exceptional speed up of connectivity to most websites - plus you can edit it to add the IP addresses of your personal 'Favorites'.
0
 

Author Comment

by:otyew
ID: 16899774
no, i can access to the internet but antivirus program unable to access to the server.
0
 

Author Comment

by:otyew
ID: 16899776
btw, how do i use the .bat program? i jus double-click it and it will restore everything back to normal?
0
 
LVL 32

Assisted Solution

by:r-k
r-k earned 30 total points
ID: 16899931
That should work. The somewhat better way is to open a Command Prompt window (Start -> Run -> cmd -> OK)
and then type the name of the command file at the prompt:

 > cd c:\temp
 > hosts.bat

if the file is namked hosts.bat and is in the folder c:\temp

That way you will get feedback on success or failure.
0
 
LVL 38

Expert Comment

by:younghv
ID: 16901420
otyew:
Regarding this comment: "btw, how do i use the .bat program? i jus double-click it and it will restore everything back to normal?"
After you install the new HOSTS file (yes, by double-clicking the .bat file) you can open it with 'NOTEPAD' and look at how it is stuctured.
It is simply a listing of the most common IP addresses associated with the sites most frequented (prevents your computer from having to do a 'DNS Look-up' based on the web site Name). This really speeds up you browsing access.

It is also updated about once a month (you will receive an email notice) to identify and prevent access to known 'Bad Guy' sites out there.
Stick with this HOSTS concept and you will be truly putting a nice chunk of defense between you and the bad guys out there.
Vic
0
 

Expert Comment

by:JamieRomness
ID: 16911842
If you want to update your virus definitions to scan for the virus you can do thi manually by using Intelligent Updater from Symantec.  Here is the link:

http://www.symantec.com/avcenter/defs.download.html

This is usually a rather large file (approx. 13 mb) but it will update all of your definitions.

If antivirus cannot remove the threat, there are two utilities that you may find useful.  One is hijackthis:

http://www.majorgeeks.com/download3155.html

This Utility will show potential spyware, but be cautious, because it will also show you legitimate files and processes as well.

The other is MSCONFIG.  In windows XP you can type this command into the run dialoge and it will bring up a utility that will show what process and services are set to run at start up.  You can de-select any program that might be malicious.

Lastly, after you download the definitions you can go to symantec's site and search for the specific threat.  There will e a document on how to remove the threat on their site.

http://www.symantec.com/avcenter/global/vinfodb.html
0
 
LVL 38

Expert Comment

by:younghv
ID: 16912054
JamieRomness,
The problem with 'Hijacking' malware is that it "re-directs" any attempts to access Symantec (or any other AV/Security web-site).

If you Google the phrase "hijacked hosts file" you will find out a great deal about the process.

Good Luck,
Vic
0
 

Author Comment

by:otyew
ID: 16917117
the problem is the antivirus did not show any sign of virus attack when i manually update the virus definition. and then, i did not see any illegal processes at the back, i tried system mechanic to scan  but still nothing.

maybe i should try to use hijackthis program, and tell u all the outcome.
0
 
LVL 32

Expert Comment

by:r-k
ID: 16917206
Yes, goos idea to post the HJT log:

Download and run HijackThis from http://www.hijackthis.de/
Copy-and-paste the resulting log back to that same web site (not here)
Click on "Analyze", and then click on "Save Analysis" at the bottom of the next page.
Finally post a link here to the saved analyzed page.

Before that, you may want to download and install lusetup.exe from http://www.symantec.com/techsupp/files/lu/lu.html and see if that fixes the Live Update problem.
0
 
LVL 38

Accepted Solution

by:
younghv earned 50 total points
ID: 16924788
You can get an excellent 'on-line' scan without installing another AV program.
Go here: Please run a free online virus from http://housecall.trendmicro.com/
Choose "Complete Scan" and select all drives to scan.

Delete anything it finds.

Do the HOSTS file fix I described above.

Manually update your Symantec product (using the IP address if you have to).

Reboot into Safe Mode (tap the F8 key during boot-up) and do a full system scan with Symantec while in Safe Mode.

Reboot to normal and cross your fingers.

Good Luck,
Vic
0

Featured Post

Free Tool: Postgres Monitoring System

A PHP and Perl based system to collect and display usage statistics from PostgreSQL databases.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Using Outlook for iOS securely 2 54
Internet Protocol Security question 3 94
Public Printing Options 3 46
"Ensure their internet protocol supports SHA-2 certificate" ?? 5 30
One of the biggest threats facing all high-value targets are APT's.  These threats include sophisticated tactics that "often starts with mapping human organization and collecting intelligence on employees, who are nowadays a weaker link than network…
Knowing where your website is hosted is as important as the features you receive, the monthly fee, and the support you receive. Due diligence should be done when choosing your next hosting provider.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, just open a new email message. In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…

840 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question