Posted 13 April 2007 - 09:14 PM
I have been infected by a virus in the last few days which I have hopefully appeared to resolve. I'm not here to request help with this (just yet), I just wanted to share my solution, since it's taken me around 20 hours to rid my system of this f***er, I wouldn't wish this on anyone else. Having searched the web with the name of this virus and it's stealth alias I found little info, so I'm guessing this may be a new strain.
The symptoms of this virus have bee described elsewhere on this forum and on the web - The virus manifests when multiple "Symantec Email Proxy" messages emerge from your system tray. The messages, usually headed with some guff about losing weight, are systematically sent to an alphabetical list of email addresses, in my case, all in the Yahoo.com domain. NIS tells you it is blocking large batches of messages from being sent from your computer although you may not using an email client or web browser.
I'm running Norton Internet Security, fully patched. Norton Antivirus does not detect this. Anyway, after trying many possible solutions given in numerous forums, I ran AntiVir and it detected a virus immediately after logon.
The name of the virus was given as TR/Proxy.Agent.KJ.35.
The virus runs in your process list under the name winlogon.exe, so if you've observed your process list to establish the cause, it will be impossible to detect. (Obviously, don't go into your Windows system folders and delete this file as it is necessary for your system to run.)
I hope this is helpful to anyone who encounters this evil bleep.