Norton Antivirus odd behavior

Discussion in 'Malware Help (A Specialist Will Reply)' started by JoeGons, Jul 17, 2007.

  1. JoeGons

    JoeGons Private E-2

    Hi
    I have a problem with Antivirus 2004.
    Several times some 9,999 files have appeared in my VirusDefs folder
    (20070711.016 and before) with the name 0000NAV~.TMP to 9998NAV~.TMP that causes every thing to slow to a grind.
    Deleting the files, returns the system speed.
    How do these files get there?
    Thank you,
    Joeconfused
     
    JoeGons, Jul 17, 2007
    #1
  2. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Every anit-virus program needs to update the definitions .....some do it daily. I frankly would suggest you dump Norton when the subscription runs out and instead use either AVG Free or Avast. Norton is a known resource hog.
     
    Last edited by a moderator: Jul 18, 2007
    TimW, Jul 18, 2007
    #2
  3. JoeGons

    JoeGons Private E-2

    All true.
    This behavior with 9,999 TEMP files in the VirusDefs folder is not normal for NAV. It should have just 40-odd files.
    Just wondered if there was a Virus causing that.

    Resource HOG is an understatment.
    Auto-Protect really slows things down. I sometimes switch it off.

    J:(
     
    JoeGons, Jul 18, 2007
    #3
  4. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    Although I doubt it is virus caused....
    Please follow our standard cleaning procedures which are necessary for us to provide you support. Also there are steps included for installing, running, and posting HijackThis logs as attachments.
    • Run ALL the steps in this Sticky thread READ & RUN ME FIRST Before Asking for Support
    • Make sure you check version numbers and get all updates.
    • Very Important: Make sure you tell us the results from running the tutorial...was anything found? Were you unable to complete any of the scans?...Were you unable to download any of the tools?...Did you do the on-line scans as suggested? etc.
    • After doing ALL of the above you still have a problem make sure you have booted to normal mode and run the steps in the below link to properly use HijackThis and attach a log:
    Make sure you also rename HijackThis.exe as suggested in the procedures. Use analyse.exe for the new name. This is very important due to some new infections going around.
    • When you return to make your next post, make sure you attach the following logs and that you have run these scans in the following order too:
      • CounterSpy
      • AVG Antispyware log - ONLY IF NEEDED you were not able to run CounterSpy
      • Bitdefender - from step 6
      • Panda Scan - from step 6
      • runkeys.txt - the log from GetRunKey.bat
      • newfiles.txt - the log from ShowNew.bat
      • HijackThis
    NOTE: You can only attach 3 files in a single message so it will require that you use two messages to attach all of these logs!
     
    TimW, Jul 18, 2007
    #4
  5. JoeGons

    JoeGons Private E-2

    Hi,
    I have done all the scans.
    BitDefender wanted 6 hours to complete after 3 hours.
    I quit!!
    All the scans found the same things.
    Some Joke programs I’ve had for years and some stuff in Bart’sPE and UBCD4WIN.
    None of these have been run for some time.
    For what it’s worth:
    CounterSpy would not let HijackThis run as Analyse.
    Getrunkey did not create a runkeys file.
    · CounterSpy
    · BitDefender
    · PandaActiveScan.
    · GetRunKey
    · ShowNew
     

    Attached Files:

    JoeGons, Jul 20, 2007
    #5
  6. JoeGons

    JoeGons Private E-2

    The rest of the Logs.
     

    Attached Files:

    JoeGons, Jul 20, 2007
    #6
  7. JoeGons

    JoeGons Private E-2

    HijackThis log.
     

    Attached Files:

    JoeGons, Jul 20, 2007
    #7
  8. JoeGons

    JoeGons Private E-2

    Have you ever seen subfolders in the "RUN" Key?
     

    Attached Files:

    • RUN.JPG
      RUN.JPG
      File size:
      80.4 KB
      Views:
      4
    JoeGons, Jul 20, 2007
    #8
  9. TimW

    TimW MajorGeeks Administrator - Jedi Malware Expert Staff Member

    The run key question ...please give the full path.

    Did you have error messages when trying to do both the GetRun and Shownew scans?
    How to Run ShowNew
    How to Run GetRun

    You HJT log was clean.

    Have you considered dumping NOrton ....or is it a paid for version?
     
    TimW, Jul 21, 2007
    #9
  10. JoeGons

    JoeGons Private E-2

    There were NO error messages.
    It seemed to runjust fine.
    It just did not make the runkeys.txt file.
    The ShowNew ran and I gave you the log.
    I will look for something that is less trouble than Norton to up-keep.
    Something is going on with NAV but there is no way I can find to Email Symantec about it.
    Thanks anyway. I'll just have to dump it as you said.
    Joe:)
     
    JoeGons, Jul 21, 2007
    #10

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds