Jump to content

Could somebody answer a computer virus question for me? UPDATED POST 22
Virus sitting in unresolved risks - Norton 360


  • Please log in to reply
23 replies to this topic

#1 GeminiSix

Posted 20 November 2012 - 08:16 AM

I received a call from my bank last night saying that they had information I had a virus on my computer and they had locked my internet banking.

I have done a full system scan using Symantec Norton 360 - which has come up clean, says my system is safe and protected etc.  However, when I go into "Security History" under "Unresolved Risks" there is a virus listed there "Trojan.zeroaccess!inf4"

I have downloaded the tools from the Symantec website (one specific to this virus, and Power Eraser) to delete this virus, however both keep saying no virus detected.  It is still sitting in the Unresolved Items.

So do I have a virus or not?

It also says if the virus is in a Windows file you may need to replace using Windows Installation CD - I don't have this as I bought the laptop with Windows preloaded. The infected file is C:\windows\system32\services.exe

BTW I am running Windows 7.

Any ideas about where I go to from here?   shrug.gif

Edited by GeminiSix, 21 November 2012 - 09:52 AM.


#2 qak

Posted 20 November 2012 - 08:41 AM

If you have Windows 7 I would install/update/run Windows Defender and see what it reports (&you may need to disable Norton to do that).

FWIW I would be checking with the bank - that sounds like some sort of scam to me, I don't think they could tell if you had a virus on your computer   unsure.gif

Edited by qak, 20 November 2012 - 08:41 AM.


#3 Therese

Posted 20 November 2012 - 08:45 AM

I don't think your bank would be ringing you to say you have a virus. I would ring your bank today as I think it sounds like a scam to me.

http://www.scamwatch.gov.au/content/index....l/itemId/834379

#4 Mini_feral

Posted 20 November 2012 - 08:47 AM

A quick google of the virus name provided throws up lots of links about it - it sounds like it is a virus that needs manual removal. It sounds like quite a nasty one also so it might be worth contacting an IT company.

#5 FeralZombieMum

Posted 20 November 2012 - 08:54 AM

QUOTE (Therese @ 20/11/2012, 09:45 AM) <{POST_SNAPBACK}>
I don't think your bank would be ringing you to say you have a virus. I would ring your bank today as I think it sounds like a scam to me.

http://www.scamwatch.gov.au/content/index....l/itemId/834379

yyes.gif


Did the caller direct you to a website to download anything?

#6 GeminiSix

Posted 20 November 2012 - 09:00 AM

Thanks ladies - it is definately legitimate, I checked the number before I called the bank back (ANZ).  Having a look at their website, they do have programs installed that can tell if a virus or other illegitimate source is trying to log into your internet banking - this is what has happened, hence them locking it straight away and calling me.  I am not going to get them to reactivate until I am sure the computer is virus free.  

FWIW I get calls ALL the time telling me I have a virus from those overseas people, say they are calling on behalf of Microsoft, etc  Sometimes they call twice a day, every day for a week etc, and then I don't hear from them for a month and then they start up again.  This was not one of those calls.      

Qak - thank you, I will give Windows Defender a go.

#7 GeminiSix

Posted 20 November 2012 - 09:04 AM

Zombiemum - no they didn't.  They suggested that I may have a virus on the computer I use for internet banking (as I only use one computer to do it), I should do my own full system scan and contact them once I had sorted out any issues.

#8 BabySmurf2012

Posted 20 November 2012 - 09:09 AM

You can try a online virus scanner.. See if it picks anything up?
http://housecall.trendmicro.com/

Edited by BabySmurf2012, 20 November 2012 - 09:10 AM.


#9 TVbaby

Posted 20 November 2012 - 09:13 AM

A couple of things for you to try;
Have you run a full virus scan in "safe mode"? Restart your computer and while it is rebooting hit the F8 key continually until a screen comes up then select "safe mode with networking". This will boot only the basic functions of windows and not automatically run any programs. Once booted - update your antivirus and run a full scan. May take a while.
Sometimes the virus software won't/can't pickup all the elements of a virus.
You could also try downloading some free malware removal tools like Malware Bytes. This will find malware that the anti-virus companies don't pick up.
Run all these in safe mode. Once you get the all clear restart normally and run all the anti-virus again.
Malware, trojans and viruses are a pain in the butt. To remove them properly takes time.
Good luck!

#10 Guest_~Songbird~_*

Posted 20 November 2012 - 09:19 AM

Step 1 - reformat your computer - get rid of everything, it's the only way to get rid of a virus for sure like this. Because windows is preloaded this is quite easy to do, you don't need the disk.

Step 2 - after reformatting, install avast internet security virus protection. It is the best virus protection on the market and picks up viruses norton never does, it's also very fast and only around $30 a year. Norton is a dreadful virus scanner and will continue to allow threats onto your computer. http://www.avast.com

This is a trojan that will steal all of your credit card numbers etc. Don't mess around with trying to get it off, just reformat and it will be gone.

Edited by ~Songbird~, 20 November 2012 - 09:38 AM.


#11 Lulubin

Posted 20 November 2012 - 09:24 AM

The banks will contact you if they detect a virus or malware on the computer used for internet banking (I work in that area for one of the big 4). We SMS our customers.

Make sure that you have run a malware scan as the majority of the issues are being caused by malware which is essentialy hijacking people's browsers. I personally use Malware Bytes.

We see a lot of people who keep reinfecting their computers by not following the correct steps, as well as a lot of Mac people who are convinced that Mac's dont get viruses, so don't protect themselves!





#12 MrsLexiK

Posted 20 November 2012 - 09:25 AM

GeminiSix I had this from both the ANZ bank (they sent me a text message letting me know my internet banking had be blocked and to call X number) Commonwealth bank also did this, but it was on the home screen when I logged in.  I just figured it was my app playing up.  I rang the ANZ and said I was afraid it was a scam they said they understood but the number was in fact the normal internet banking number which I did double check on the web.

They told me that they detect something which may or may not be dangerous and this shuts it down so your accounts are safe.  I think it is wonderful technology.  I ran a scan on my computer and there was a trojen living there (but had not infected my computer if that makes sense) got the scan software to deal with it (fix button) and then redid the scan and let both the ANZ and Commonwealth know my computer was safe.  They reset the passwords for both as well, with a temp password that I then had to change.  I haven't done the ANZ one as I mostly use my app and when I was speaking to them I was on the phone.  They were able to reset my ANZ banking app (which is what I use 99% of the time) straight away.  Commonwealth sent me a text with the password which I had 30 days to login to change (and I could do this either on netbank online or with the web)

HTH

#13 erypmaV

Posted 20 November 2012 - 09:42 AM

QUOTE (~Songbird~ @ 20/11/2012, 10:19 AM) <{POST_SNAPBACK}>
Step 1 - reformat your computer - get rid of everything, it's the only way to get rid of a virus for sure like this

That's massive overkill and a time consuming pain to reinstall everything. There are plenty of ways to remove viruses and malware that don't involve a full reformatting. Instructions for your particular virus are here You've got Norton's so you'll be able to download and use the tool at the link.

QUOTE
Step 2 - after reformatting, install avast internet security virus protection.

Avast is fine, and I agree that Nortons is horrible, bloated and more trouble than it is worth.
Other options - Comodo, AVG, Microsoft Security Essentials (which is free)
Some good reviews here: http://anti-virus-software-review.toptenreviews.com/

#14 WYSIWYG

Posted 20 November 2012 - 09:50 AM

I personally would just reformat. It's the only way I'd have peace of mind.

#15 Guest_~Songbird~_*

Posted 20 November 2012 - 09:51 AM

QUOTE (erypmaV @ 20/11/2012, 10:42 AM) <{POST_SNAPBACK}>
That's massive overkill and a time consuming pain to reinstall everything. There are plenty of ways to remove viruses and malware that don't involve a full reformatting. Instructions for your particular virus are here You've got Norton's so you'll be able to download and use the tool at the link.


I don't agree, I know my tech stuff well. Nasty trojans like this one, once on your computer are hard to get rid of. The OP is only going to be clogging up her system with more crap to try to get rid of it, meanwhile it continues to run in the background and ruin her computer, steal credit card details and other personal info.

#16 erypmaV

Posted 20 November 2012 - 10:15 AM

QUOTE (~Songbird~ @ 20/11/2012, 10:51 AM) <{POST_SNAPBACK}>
I know my tech stuff well.

I only know of one tech support team that had to reformat a PC due to a stubborn virus, and that was about 10 years ago. If everyone reformatted every time a virus got through, tech support would never get anything else done.

QUOTE
Nasty trojans like this one, once on your computer are hard to get rid of.

From Symantec:
Trojan.Zeroaccess!inf4
Risk Level 1: Very Low
Removal: Easy


#17 Guest_~Songbird~_*

Posted 20 November 2012 - 10:45 AM

QUOTE (erypmaV @ 20/11/2012, 11:15 AM) <{POST_SNAPBACK}>
I only know of one tech support team that had to reformat a PC due to a stubborn virus, and that was about 10 years ago. If everyone reformatted every time a virus got through, tech support would never get anything else done.


From Symantec:
Trojan.Zeroaccess!inf4
Risk Level 1: Very Low
Removal: Easy


Possibly because it was too hard for the 'techs'?  wink.gif

You also seem to have missed the OP where she says the following (therefore NOT easy - the trojan is hiding). A reformat is needed in THIS situation.

" I have downloaded the tools from the Symantec website (one specific to this virus, and Power Eraser) to delete this virus, however both keep saying no virus detected. It is still sitting in the Unresolved Items.

So do I have a virus or not?

It also says if the virus is in a Windows file you may need to replace using Windows Installation CD - I don't have this as I bought the laptop with Windows preloaded. The infected file is C:\windows\system32\services.exe"



#18 erypmaV

Posted 20 November 2012 - 10:53 AM

QUOTE (~Songbird~ @ 20/11/2012, 11:45 AM) <{POST_SNAPBACK}>
Possibly because it was too hard for the 'techs'?  wink.gif

They weren't great techs actually... It was easier for them to reimage the PC than fix the problem, but most people don't have a PC image handy.

QUOTE
A reformat is needed in THIS situation.
It also says if the virus is in a Windows file you may need to replace using Windows Installation CD - I don't have this as I bought the laptop with Windows preloaded. The infected file is C:\windows\system32\services.exe"

If OP doesn't have a Windows disk and they reformat, what are they going to reinstall from? They'll just have a PC with no operating System.

QUOTE
So do I have a virus or not?

That's always a good question. It could be a false positive, although I doubt it in this case.
The link I sent has other instructions that will fix it, but you will most likely still need the wndows disk.
Preloaded windows machines typically come with an OEM disk for just this type of problem.


#19 Guest_~Songbird~_*

Posted 20 November 2012 - 11:11 AM

QUOTE (erypmaV @ 20/11/2012, 11:53 AM) <{POST_SNAPBACK}>
If OP doesn't have a Windows disk and they reformat, what are they going to reinstall from? They'll just have a PC with no operating System.


She can but it's the pre installed version of 'reformatting' and it's very easy to do and will wipe all her data including the trojan and take it back to how it was when she bought it. All the windows data is on the hard drive, you just select the option you want in the menu and it does the rest. Windows will be there once the data has been deleted. I have done it myself.

Edited by ~Songbird~, 20 November 2012 - 11:20 AM.


#20 FeralDancesHere

Posted 20 November 2012 - 11:22 AM

Just also confirming that banks do call to alert customers about viruses detected on computers.

It was one of my roles previously. At the bank I worked for it was done after disabling internet access.

But if there is any doubt that a call is legit, call the bank.

As for formatting it is the safest way to ensure the virus is gone, but not all PC's have the install stored locally as the PP is advising, so make sure before you format.

#21 Guest_~Songbird~_*

Posted 20 November 2012 - 12:06 PM

QUOTE (WinterDancesHere @ 20/11/2012, 12:22 PM) <{POST_SNAPBACK}>
As for formatting it is the safest way to ensure the virus is gone, but not all PC's have the install stored locally as the PP is advising, so make sure before you format.


The option to do it won't exist in the menu if she can't do it, therefore making it impossible to delete everything and not have windows afterwards...

#22 GeminiSix

Posted 21 November 2012 - 09:52 AM

Thanks for all the responses.  Over the past 24 hours I have tried a couple of these suggestions, and a few more that I found online.  Malwarebytes didn't find the virus, but it kept on appearing in my Unresolved Risks on Norton.

Even though Symantec listed the risk as "low" many more google searches I did yesterday advised that the virus could possible lead to catastrophe, credit card numbers being stolen, internet banking access, slow computer etc.  I also found that many many people have found the virus very difficult to delete as it (sorry don't know the technical lingo) puts different parts in different places of your computer.

So based on all of this, the fact that the bank alerted us in the first place, and that I do all our banking online from this computer only, I have just backed up our files to USB, done a complete system restore to factory settings and a full scan, and it seems the virus is gone.  Better to be safe than sorry in this instance.

Once again, thank you for your input.






#23 Guest_~Songbird~_*

Posted 21 November 2012 - 01:03 PM

Good to hear!. And install avast full service version as it will stop these types of viruses getting onto your computer in the first place. Norton is really bad for trojans like this as you have found out. There are really really bad trojans out there that norton does not puck up and the first you will know of them is your c drive will start to vanish and all your data, then the computer won't start...i'm speaking from personal experience.

#24 solongsuckers

Posted 21 November 2012 - 01:08 PM

QUOTE (GeminiSix @ 21/11/2012, 10:52 AM) <{POST_SNAPBACK}>
Thanks for all the responses.  Over the past 24 hours I have tried a couple of these suggestions, and a few more that I found online.  Malwarebytes didn't find the virus, but it kept on appearing in my Unresolved Risks on Norton.

Even though Symantec listed the risk as "low" many more google searches I did yesterday advised that the virus could possible lead to catastrophe, credit card numbers being stolen, internet banking access, slow computer etc.  I also found that many many people have found the virus very difficult to delete as it (sorry don't know the technical lingo) puts different parts in different places of your computer.

So based on all of this, the fact that the bank alerted us in the first place, and that I do all our banking online from this computer only, I have just backed up our files to USB, done a complete system restore to factory settings and a full scan, and it seems the virus is gone.  Better to be safe than sorry in this instance.

Once again, thank you for your input.


I'd probably go a step further than that and completely reformat and reinstal




1 user(s) are reading this topic

0 members, 1 guests, 0 anonymous users

 
  • quotes-320

    Wise words from kids movies

    The movies we watched as kids had a lot more to offer than just entertainment. Here's ten wise quotes from kids movies.

  • ek-toysales-thumb

    Best buys of the 2014 toy sales

    We have rounded up some of the best from this year's half yearly toy sales from the big stores around Australia.

  • yoda

    31 iconic family films from the 1980s

    If you grew up in the 1980s there will be a number of films that are close to your heart. Here are 31 of the most iconic for you to watch with your own kids.

  • cruella

    10 live-action remakes of famous animations

    After the success of "Maleficent" at the box office Disney is opening their vault to re-work the classics into live-action movies, and a number of other film studios are following suit. Here are ten live-action remakes to look forward to.

 
Advertisement
 
 
Advertisement
 
 
 
Advertisement
 
 
Essential Baby and Essential Kids is the place to find parenting information and parenting support relating to conception, pregnancy, birth, babies, toddlers, kids, maternity, family budgeting, family travel, nutrition and wellbeing, family entertainment, kids entertainment, tips for the family home, child-friendly recipes and parenting. Try our pregnancy due date calculator to determine your due date, or our ovulation calculator to predict ovulation and your fertile period. Our pregnancy week by week guide shows your baby's stages of development. Access our very active mum's discussion groups in the Essential Baby forums or the Essential Kids forums to talk to mums about conception, pregnancy, birth, babies, toddlers, kids and parenting lifestyle. Essential Baby also offers a baby names database of more than 22,000 baby names, popular baby names, boys' names, girls' names and baby names advice in our baby names forum. Essential Kids features a range of free printable worksheets for kids from preschool years through to primary school years. For the latest baby clothes, maternity clothes, maternity accessories, toddler products, kids toys and kids clothing, breastfeeding and other parenting resources, check out Essential Baby and Essential Kids.