I went to open Norton Systemworks 2001 on my emachine at home. I noticed that although utilities, clean sweep and ghost were still there the antivirus button had disappeared. I clicked on the icon in the systray and then on "open antvirus" and it said that frame was unavailable. Is this a possible virus?

One reason I ask is that just yesterday I saw a post on another board where a guy had programs start disappearing off his computer one by one. In that case the icon was gone on the desktop and program was no longer in Add/Remove Programs. I don't know if he did a search for the program.

yeah Doc, it sounds glum.

I recommend an online scan @ Housecall (http://housecall.antivirus.com/) immediately- and close your email application until you get fixed up.

http://www.PCGuide.com/ubb/eek.gif



------------------
sea1_69@hotmail.com

homepage (http://www.seanweb1.homestead.com/index.html)

Check the Symantec (http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.h@mm.html) article about the W32.Klez.H@mmvirus, the first thing it does is disable anti-virus programs. THis sounds like you got it and it has installed.

Get the removal tool, or look up the webpage for your antivirus program and get theirs. Make sure you use the one written for your antivirus program.

DO NOT OPEN YOUR EMAIL PROGRAM until you get this resolved, it will send itself to your entire address book, it probably already has done so at least once, and will again if you open your email. Get this fixed before you let it spread more.

This virus searches for the address book and ICQ database for email addresses and sends itself to everything it finds. It also searches for email addresses all over the hard drive, so if you have any included in text files, etc, it will probably find them.

------------------
If your nose runs and your feet smell...
You're built upside down!
Note: Please post your questions on the forums, not in my email.

Computer Information Links (http://www.dreamwater.com/paleopete/computer.htm) has been moved, please update your bookmarks.

Guys, is it possible my year of free antivirus updates simply expired? I had Norton 2001 on there. I had bought 2002 for this computer also but gave that copy to my daughter. I think my time on the old one should be about up. I reinstalled 2001 and tried to update and it wouldn't work. I immediately ordered another copy of Norton systemworks 2002 and will install and update it.

I can open my email from my other computer where I have Norton 2002 intact.

You have been Infected By The W32.Klez. VIRUS

This Virus has the abilty to Load itself Before your Antivirus and Disable it
Hence the Code page / Frame warning. it can't load because the Virus is there

Go Here http://securityresponse.symantec.com/avcenter/venc/data/w32.klez.gen@mm.html

Get the Removal Tool.
Then Follow the Instructions Exactly on how to remove the Virus

IF you miss even One file or Registry entry it can Reinfect your system

If you have multiple versions of this beast on the system.
Grab the info for removing it manually as well.
Just print it out and follow it . In addition
While using the Remove tool

Read this one also http://www.pcguide.com/ubb/Forum1/HTML/000489.html

[This message has been edited by Rick (edited 04-28-2002).]

Well, I went through all the procedures for cleaning the above mentioned virus off my computer. It took quite a while, especially since I didn't know how to do any of it and had a non microsoft mouse which wasn't supported in safe mode. The end result is that it said I don't have the virus after all. I really think my year of free updates expired. Has anyone had systemworks and let the year expire? Did the antivirus protection disappear?

drdan,

I have been using Norton SystemWorks for a little over three years and your antivirus program (or icon) does not disappear because your year of free updates is over. The one year limit is just for the free updates, not the whole program. But don't give 'em any ideas http://www.PCGuide.com/ubb/eek.gif .

Something else is going on here. You might try an uninstall/reinstall to see if that gets you back in buisness.

Run all the free internet virus scans. Backup everything!!! Just in case. Then do the uninstall/reinstall. It may be that it was unintentionally deleted or maybe just some glitch or other.

Good luck, guy. http://www.PCGuide.com/ubb/smile.gif

------------------
Peace and Love, brothers and sisters. Peace and Love

Or it could be one of several other virii that attempt to disable your AV, it is just that Klez is particularly good at it and very recent!

------------------
mjc
Links list:Computer Links (http://www.dreamwater.org/tech/mjc/index.htm)

Celts are the men that heaven made mad, For all their battles are merry and their songs are all sad.

Check the startup folder in your system .
By using Msconfig in the run box off the start menu
Click on the Startup Tab
Below that look for a file name Like wink9.exe or any variation of Winkxx.exe
Other files that have No full path included in the command line.
This is how many infect and bypass the NAV protection..

The others are correct. Nav will continue to run regardless If you purchased the Updated Virus definition Subscription or not.

If you have a second system with an up to date NAV Virus scanner ( your Daughters ? )
And can create a rescue disk using that system ( Requires 4 to 8 floppy disks)
The write protect those disks.

Then use the rescue disk to boot your system.
it will warn you about not using the rescue disk on Your infected system.
Ignore this warning. Your Not going to use the rescue feature,
On the first menu it should display (Item 2) Virus scan.
This is a dos scan and will scan and remove all Virus found..
Just ensure that the second system has the most current definition files before making the rescue disk

Unfortunately You can not use the updated Def files with the bootable cd.

------------------
DEAR IRS
Please cancel My Subscrition

Just wanted to emphasize the point Rick made:

"WRITE PROTECT THE RESCUE DISKS OR ANY EMERGENCY BOOTDISKS!"

When completed, move the black slider so that you can see through both holes on the diskette!

Or, you could be going through this again! ARGH! http://www.PCGuide.com/ubb/frown.gif

------------------
May all your dealings in life be win/win!


Whyzman
----------------------
Reserved for Punishing Humor...A Pessimist's blood is always B-negative!

[This message has been edited by Whyzman (edited 04-28-2002).]

Okay more weirdness. I tried to make the rescue disks on my computer at work but I'm running w2k there and that apparently dosen't use recue disks so there was no way that I could find to make them. I checked Norton's website and tried to do the free online scan and it locked up my computer. I tried about five times and once it started loading it locked up. I just left it running to see if it would eventually unfreeze and my computer signed me off due to inactivty but then my phone would work. There was no "online" noise, no dial tone, nothing. I signed back on and then disconnected manually and the phone started working again. I decided to try downloading a scan from McAfee and that locked up my computer also. I can go to other sites (like this one) with no problem.

Did you go to the link I provided when I first answered your issue??

As far as I'm concerned this last post reconfirms virus to me.

sounds like the reformat/reinstall is inevitable.



[This message has been edited by sea69 (edited 04-29-2002).]

What Operating system are you running on the infected machine?
Win2K , NT and XP do not support the rescue disk from Nortons because of the requirements of the OS during bootup.

If you have Win9x or ME On the infected machine then you need a rescue set created on system running Win9x or ME

------------------
DEAR IRS
Please cancel My Subscrition

Thanks for the reminder about Housecall. I was able to run a complete scan with Housecall and it did not find any viruses. I'm not sure what to do now. Is it possible someone is hacking into my computer rather than a virus. One thing that is strange today is that some of my icons on my computer were rearranged.

Hi drdan,

I don't think you need to be worried about the icons being rearranged. This often happens after you boot to safe mode. HERE'S (http://search.support.microsoft.com/search/viewDoc.aspx?docID=KC.Q256196&url=kb;en-us;Q256196&dialogID=24619847&iterationID=1&sessionID=anonymous|22893788) a KB explaination.

Ya know, you haven't said what operating system your using.

But let's recap. Norton A/V button is gone, but the icon is there. When you click the icon it says the frame is unavailable. You uninstalled/reinstalled SystemWorks 2001 but it would not update. That makes sense if your 1 year subscription is done.

You have run at least two virus scans and have detected no viruses.

You tried to run an online virus check from Norton and Mcafee but could not.

Other than not being able to update the Norton antivirus, are you having problems using your computer?

------------------
Peace and Love, brothers and sisters. Peace and Love

Sorry, Im running Win ME on the one in question. No, other than not being able to load the Norton and McAfee online scans I don't think I'm having other problems. The copy of systemworks 2002 should be here soon and I'll install and run that.

Oh Tay...Let us know how it goes... http://www.PCGuide.com/ubb/wink.gif

------------------
Peace and Love, brothers and sisters. Peace and Love

Just an update. I got Norton 2001 to reinstall and update again so I could have continued with that I guess. I already had 2002 coming so I uninstalled 2001 and installed 2002. Seemed to go with out a hitch. I ran Live update a few times to makes sure I had all the recent virus definitions and then did a full scan. No viruses detected so I guess this was all just Win Me (or maybe Norton) wierdness. So far seem to running all right. System restore has not worked properly for a long time. Anyone know how to just shut it off completely? Maybe install the Roxio Go Back instead(or not)?

To completely remove System Restore in ME, have a look here (http://www.arstechnica.com/ask-ars/).

Scroll down to the heading "Windows Me System Restore: How to Excise Cleanly (without a hammer)"

Be warned!

It does involve some serious registry tweaking, so make sure you back up the registry first...

------------------
Boo!®