03-08-2009 01:43 PM
get this message constantly and cannot remove the offender
Scan type: Realtime Protection Scan
Event: Virus Found!
Virus name: Trojan Horse
Action taken: Clean failed : Quarantine failed : Access denied
Date found: Sunday, March 08, 2009 4:41:20 PM
what to do?
03-08-2009 01:59 PM
03-08-2009 02:02 PM
What is your OS (XP, Vista, ??, service packs?)?
What is your Antivirus software and version (Help>About>Version)?
Can you download SUPERAntiSpyware and update / run it in Windows SAFE mode?
03-08-2009 02:04 PM - edited 03-08-2009 02:28 PM
Thanks for the detail -- what version of Windows are you using including Service Packs and whether 32 bit or 64 bit.
What version of what Norton software are you using -- Name and Year and Version ID -- check in Help / About nn.nn.nn.nn
Are you logged on with full administrative rights? If not that could be stopping the deletion and running Norton in SAFE mode might fix this.
Have a look at this message: How to troubleshoot a suspected Malware infection
At the end are these instructions on submitting a file for checking:
Submit suspicious files for analysis:
Any suspicious files identified in the above steps should be submitted to Symantec Security Response for analysis:
- There are 2 locations to which you can submit malware:http://www.threatexpert.com/submit.aspx - use this submission page if you would like a quicker response on your submitted malware. It also provides a place to track your past submissionshttps://submit.symantec.com/retail - use this submission page if you would like to pass along malware information to Symantec without an immediate follow-up
- Locate the files identified above and submit for analysis following the instructions provided
- An email with a tracking number one will sent once the submission has been received.
- A closing email will be sent once submissions have been processed with the results of the analysis
- For files which are determined to be malicious, details of the definition versions which provide detection will be included in the email.
The threatexpert is really interesting since you can get a reply back in a few minutes -- a test file I sent took about 7 minutes for the very detailed email to arrive. (You don't get an email with a tracking number with this service and the incoming email may be put in yuour spam folder if you have a spam filter so check there as well as your normal in-box (and tell the AntiSpam not to filter it in future <s>)
The second may take much longer to hear from.
Look forward to hearing from you with the information and whether your are able to follow the analysis methods which help everyone.
03-08-2009 06:49 PM
Hi1. Download, install, update definitions and run a full scan of Malwarebytes http://www.malwarebytes.org/mbam.php2. if that doesn't work, post a Hijackthis log, Hijackthis http://www.trendsecure.com/portal/en-US/tools/secu
ust downloaded and ran Malwarebytes and appears that it has removed the problem..................after trying three other applications earlier
thanks very much!
So what is the name given by Malwarebytes for this Malware??