Hi. I want to informe all in this forum about a malicous virus wich desguises itselfe as "NortonAntivirus.2004.PRO" (90mb). It all started 13 September 7.42pm. A friend of mine had just formatted and he wanted to install some security before connecting to the internet. Since he did not like Sygate's firewall he thought he would go back to Norton. He installed the file mention above and everything worked fine. He plugged in He's TP and began updating. "At this time he had installed several games and several programs." When he was going to use Photoshop "Wich he use all the time" he got an error message "Searching after Photoshop.exe Choose browse and search for the file manually" <- Translated directly from Norwegian. When he browsed around on my computer he found nothing. Only empty folders with nothing in it. At this time he did not know that "Norton" was the cause of this cruel act. After a little while this prosesses popped up. "wuacltl.exe, tftp.exe, ftp.exe, cmd.exe, bling.exe". I know that "wuauclt.exe" is normal but this progress was called "wuacltl.exe". "wuacltl.exe" could be "Norton" i dont know, but cmd.exe was up like 3 seconds typing things he did not understand. "tftp.exe and ftp.exe" downloadet like over 4 trojans and installed them. Several other viruses like "Geabot.exe and Agobot.exe" got through he's security since the protection i had obviously was a virus nothing more. The reason I'm writing this is because he's had that norton file on he's computer for over a month. It has never been detected by "Norton internet security 2004 PRO, www.housecall.antivirus.com and security.symantec.com + several ad-aware programs I figured i needet to type this in some forume so that I can watch him format in peace. The problem he's currently experiencing is that svchost.exe is using 100% cpu. tsc.exe is up and running. Good bye peeps. Good luck finding out wich virus he had. I know several of them after searching for them on google, but the main virus dont come up. Dont know the name or why it has been undercover for a month without getting detected. Good bye people. Wish him luck formating. If he get's a bluescreen when he reboot he's going to take out the BIOS battery and electrecute me with it! Odin shall smite thou evil virus maker!

errr why peps so quick to format i will never know, personally i would have took out the harddrive and set it as slave, hook it up to another computer and run nod32. but thats just me

I could use windows tho, but it wasn't detected by s---. I dont know the name of the virus either did i see any bad progresses. This happend several times after installing that norton file. Before i did not understand that it was a virus. That was because i trusted every freaking scan's that is out there. By the way. The virus deleted everything and left it in installed in the registery. I'm no registery wizard so i still wanted to format to have my computer clean. PS. I have 4 partitions. Windows on one so yeah. I format easily. Do not underestimate the power of partitions and formating! Odin shall smite thou evil virus maker!