
I have a virus that I can't find or kill?

Created: 30 Aug 2011 | 4 comments

I hate to start a discussion that I am sure has already been had, but I find this site impossible to navigate and what I can find appears to be on a level way above my head... I can't find anything remotely close, so here goes.

I have a virus of some sort that periodically (every 3 to 5 days) sends out an email to everyone in my AOL address book.  It is more than a little annoying.  I have run more than a couple scans on top of my daily scan for threats and it comes up clean every time.  I am using a US Army authorized version of Symantec Endpoint.  A search of the properties did not say what version?

Short of smashing my computer and buying another one, any help on how to find and kill this thing?


BNH's picture

First things first ..

Are your virus definitions at 30 August 2011 r 17 as a minimum?
If yes, then when you say your AOL address book, I believe it's from webmail?

If it's from webmail, try cleaning your browser cache and ensure your browser is updated to the latest version / patch. Then change your password to a more complex one, i.e. th1s15myp@55sw0rD

Some of that spam pretty much uses your webmail as a mule to send out spam to your contacts.
And it happens because of an email you opened that contained a malicious payload.

-- Got new virus ? Try update your defs here : ftp://ftp.symantec.com/AVDEFS/norton_antivirus/rap... --

Thomas K's picture

Are the spam emails in your "Sent" folder? If so, run a full scan in safe mode with the latest definitions, and change your pass and security question as BNH stated above.

If they're not in the "Sent" folder, then most likely it is automated software that is spoofing your email address. This is the spammer's way to cover their tracks.

Prahveer's picture

Hi, I hope your virus definitions are up to date. If not, run LiveUpdate and do a system scan in safe mode.

If you suspect threats are not being detected by SEP, I strongly recommend you run Norton Power Eraser.

http://liveupdate.symantec.com/upgrade/NPE/1033/NP...

You can read more on

http://security.symantec.com/nbrt/npe.aspx?lcid=1033

Prahveer Kumar
BSc(Hons) Mathematics - year 2 student
University of Technology, Mauritius

Mithun Sanghavi's picture

Hello,

A few questions before suggesting anything..

1) What Operating System are you running on your machines??

2) Is your machine a standalone machine or a machine on the Network??

3) AOL is used to sending emails every 3 - 5 days.

In your case, is AOL a default email client??

What Browser are you using??

Have you installed SEP with the full feature set?? Have you installed the Email protection feature on SEP?

I would suggest changing the Default Email Program from AOL to Office Outlook or nothing.

I would also recommend you to follow this Article to check the suspicious files on your machine.

Using Symantec Support Tool, how do we Collect the Suspicious Files and Submit the same to Symantec Security Response Team.
 
Hope that helps!!!

Mithun Sanghavi
Senior Consultant
MIM | MCSA | MCTS | STS | SSE | SSE+ | ITIL v3

Don't forget to mark your thread as 'SOLVED' with the answer that best helped you.