United States
turn on suggestions Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.

Norton 360

Reply
Topic Options
green15
Visitor
green15
Posts: 7
Registered: ‎04-26-2012
Accepted Solution

virus detected but unable to remove

Options

‎04-26-2012 11:38 AM

          I have scanned the file with norton.  It detects it as a virus

      Trojan.Zeroaccessinf2.  It says manual removal required  I scanned in

      safe mode. It says manual removal required.

 

 I clicked on the link

      to take me to manual removal instructions.  I downloaded the manual

      removal tool.  It says no viruses found yet security suite says its

      still there.

 

 I followed step 2 and used NPE.  I then follwed step 3

      and used Norton Bootable recovery tool.  Both say removal failed and

      to manually remove it.

 

 At this point Im not sure if its even a

      virus since it was part of a windows patch in the following directory:

      C:\WINDOWS\$NtUninstallKB2536276-v2$

 

File name was:  mrxsmb.sys

 

 I am running the comcast

      version of norton which has been updated to version 5.2.1.3 with

      latest definitions

 

I submitted the file to norton falss positives website and they responded contact technical support.

 

Report Inappropriate Content
Message 1 of 6 (812 Views)
0 Kudos
Quads
Bot Obliterator
Krazy Kiwi (Norton Users Discussion Forum)
Quads
Posts: 13,248
Registered: ‎07-21-2008

Re: virus detected but unable to remove

Options

‎04-26-2012 05:15 PM

In x86 systems zeroaccess patches a legit Windows driver so Norton is not allowed to delete the driver,   

 

Quads

Report Inappropriate Content
Message 2 of 6 (786 Views)
0 Kudos
green15
Visitor
green15
Posts: 7
Registered: ‎04-26-2012

Re: virus detected but unable to remove

Options

‎04-26-2012 09:33 PM

Thank you for the response.

 

But what should I do next?  I have the original xp disk.  Is there a way to fix this?

 

thanks!

Report Inappropriate Content
Message 3 of 6 (774 Views)
0 Kudos
bsodZeroaccess
Newbie
bsodZeroaccess
Posts: 3
Registered: ‎04-28-2012

Re: virus detected but unable to remove

Options

‎04-28-2012 12:04 PM

I would suggest downloading Hitman pro, it's able to detect this rootkit as it has just done it now in my Virtual Machine.

 

http://www.surfright.nl/en/hitmanpro/

 

Also, get: http://www.malwarebytes.org/

Report Inappropriate Content
Message 4 of 6 (732 Views)
0 Kudos
Super Spam Squasher
Super Spam Squasher
cgoldman
Posts: 2,929
Registered: ‎06-25-2008

Re: virus detected but unable to remove

Options

‎04-28-2012 02:19 PM

bsodZeroaccess wrote:

I would suggest downloading Hitman pro, it's able to detect this rootkit as it has just done it now in my Virtual Machine.

 

http://www.surfright.nl/en/hitmanpro/

 

Also, get: http://www.malwarebytes.org/

The problem here is not detection but correction or replacement of the infected file. Since for example malwarebytes specifically does not address rootkits, I do not endorse your suggestion.

Report Inappropriate Content
Message 5 of 6 (722 Views)
0 Kudos
green15
Visitor
green15
Posts: 7
Registered: ‎04-26-2012

Re: virus detected but unable to remove

Options

‎05-07-2012 10:47 AM

I solved the problem by going into safe mode and uninstalling hot fix patch KB2536276-v2$.  I then rebooted into safemode went to the microsoft site and redownloaded the hot fix and installed it in safe mode and the virus infected file was overwritten.  Windows update did not work in safemode thats why i had to manually download the hotfix.  Now the scans come up clean.

 

Thaks to everyone that tried to help

Report Inappropriate Content
Message 6 of 6 (659 Views)

Products

Services

Support

Norton on Facebook
Norton on Twitter
Norton's YouTube Channel
Symantec on Linked In
Norton on Google+