Virus while online.

  kimjhon 22:11 22 Feb 2003

Some time ago, when I was surfing, I got a blue screen. It was my anti-virus telling me it had encountered a virus. It asked what was it to do - repair, delete or ignore?
When I chose either of the first two options I was told that Norton was not able to do this.
So I logged off and scanned my PC, having installed the latest definitions. No viruses were found. But then I noticed my firewall had blocked Norton Auto-protect Agent.
I have since failed to get my tiny brain around what was going on.
What was Norton going to do if it got online?
From where was it going to delete a virus?
Can anyone enlighten me, please?

  spruce 01:11 23 Feb 2003

Sounds like the bug bear virus, which disables your a/v. Download the repair tool from
click here

  GANDALF <|:-)> 01:32 23 Feb 2003

This usually happens when you visit certain sites that use .exe scripts. You have not got a virus but Norton thinks that you were about to be attacked. re-enable the agent and continue as before. Sometime you can lose your video drivers as well.


  kimjhon 04:00 23 Feb 2003

Hi spruce
It happened a couple of weeks ago and all seems OK. I don't think Norton was disabled. Just that Zone Alarm was not configured to allow it through. Zone Alarm had a record of it trying. I have seen to it that it can get out now, of course.

GANDALF <|:-)> am still puzzled as to how Auto-protect Agent would have opperated had it got through. Presumedly if I was attacked the real time checker could have coped because the code would have been on my PC. But what could it have done online? Why did it want to pass the firewall ?
Prob being dense here, but how would I have lost the drivers ?

  kimjhon 14:38 23 Feb 2003

Hi Chaps
Woke up this morning with the answer in my head : Norton was just trying to report home with info about the supposed virus it had found.
Encouraged my brain still functioning - albeit on a subconscious level.

  bremner 14:43 23 Feb 2003

This explaination is from the Symantec (Norton)site that may be what you experienced.

Norton AntiVirus (NAV) detects JS.Exception.Exploit when I visit some Web sites, but will not "delete" it. Why?
When you visit a JS.Exception.Exploit Web site, the exploit is detected by NAV, usually in a temporary Internet file. NAV then reports that it cannot repair, quarantine, or even delete the file. This may happen more than once until you close the Web site. If you then scan with NAV, it finds no infections. Here is why:

NAV is detecting the exploit itself, and it detects it as it is scanned by Auto-Protect when it is copied to the Temporary Internet Files folder. Because these temporary files are deleted as soon as you close the Web page, the exploit will not be found during a regular scan because it is no longer there. Also, because it is the exploit itself that is being detected, the exploit will be detected even if you are using a patched system or even another Web browser.

  kimjhon 15:38 23 Feb 2003

Thank you, bremner, that's great. Everything explained, now. Not a bad forum this, is it?

This thread is now locked and can not be replied to.

Elsewhere on IDG sites

Best Black Friday Deals 2017

How modern book design was influenced by illustrated manuscripts

Best Black Friday Apple Deals 2017

Les meilleurs logiciels de montage vidéo gratuits (en 2017)