NIS 2010 missed out Trojans on first scan? How does an MP3 music file contain a Virus?

I have two questions.

 

1. I scanned all my drives using the new Norton Internet Security 2010 and apparently it missed out some security threats on the first scan. On subsequent scans while my computer was idle, it found a Trojan.Alemond. How and why did NIS 2010 miss out that threat in the first place? I did not download any new files or whatsoever. The file was there and has not been edited at all since the first scan.

 

2. How and why does a working MP3 music file contain a Trojan.Maliframe!html high threat virus? Is there any way to remove the virus without deleting the music file?

Hi Ravan

 

Sorry to hear you are having problems with your computer. There may have been antivirus definitions updates between the times of your various scans. When NIS found the trojan, did it remove anything?

 

Unfortunately, a piece of malware can enter into any file on your computer. Music files can easily become infected. It depends on how you got the MP3 file and what you are using to listen to it. Sorry, but I don't know if cleaning up the malware will delete your MP3 file.

 

You can try running a full scan with Malwarebytes free version and see if that will clean up your malware.

 

Download the free version, install and update then run a FULL scan. After the scan completes you should post the logs back to this thread. You can post the log by using the add attachment right below the post button.

You can find Malwarebytes here

http://www.filehippo.com/download_malwarebytes_anti_malware/

It is a safer location to get the program from than Malwarebytes themselves because the malware writers sometimes block the security programs' websites.

1. Yes, NIS quarantined the Trojan.
2. How does a malware enter into a file?
3. Is there any way to clean up malware without deleting the file using NIS 2010?

Performing a full system scan using MWB now.

Btw, shouldn’t NIS 2010 be able to do what MWB is able to? If NIS 2010 can’t do what MWB can do, shouldn’t people buy MWB instead?

Hi Ravan

 

No one security program can be 100% effective. Malware is constantly changing. Malwarebytes has a different engine than Norton's products have. The free version can help to supplement your Norton product. Your Norton product can do some things which Malwarebytes can't do. They sort of complement each other. The free version of Malwarebytes won't interfere with your Norton product because Malwarebytes is an on-demand only scan whereas NIS is a real-time program.

 

 

Hi Ravan:

 

Malwarebytes is not an antivirus program.  It is a very good hunter of malware using a different set of definitions, that is also able to make changes to the registry and produce a log.

 

Norton does not prevent you from downloading things into your computer.  We have seen instances where users disabled Norton so that they could download something that was malware.  Norton can not protect users from themselves.

 

Try submitting the file here to see if it is a false positive.  If it is not, there may be no alternative but to get rid of it.

 

 

http://www.threatexpert.com/submit.aspx
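A local triage that can be run on a copy of a flagged file before submitting it anywhere, as an added example that is not part of any post in this thread: it checks whether a file named `.mp3` really contains MPEG audio frames and whether it carries HTML markup. It assumes the `!html` suffix in the detection name points at HTML content; the marker list, function names and sample bytes are constructed for illustration.

```python
import re

# Markup that does not belong in an audio file (marker list is an assumption).
MARKUP = re.compile(rb"<\s*(iframe|script|html|object|embed)\b", re.IGNORECASE)

def synchsafe(b):
    """Decode the 4-byte ID3v2 tag size (7 significant bits per byte)."""
    return (b[0] << 21) | (b[1] << 14) | (b[2] << 7) | b[3]

def is_frame_header(h):
    """True if 4 bytes form a plausible MPEG audio frame header."""
    if len(h) < 4 or h[0] != 0xFF or (h[1] & 0xE0) != 0xE0:
        return False  # 11-bit frame sync missing
    version, layer = (h[1] >> 3) & 3, (h[1] >> 1) & 3
    bitrate, rate = h[2] >> 4, (h[2] >> 2) & 3
    # Reject reserved values; free-format (bitrate 0) is rejected to cut false syncs.
    return version != 1 and layer != 0 and bitrate not in (0, 15) and rate != 3

def triage_mp3(data):
    """Classify bytes claimed to be an MP3: real audio, audio plus markup, or neither."""
    start = 0
    if len(data) >= 10 and data[:3] == b"ID3":
        start = 10 + synchsafe(data[6:10])  # skip the ID3v2 tag
    window = data[start:start + 4096]  # tolerate some padding before the first frame
    frame_at = next((start + i for i in range(len(window) - 3)
                     if is_frame_header(window[i:i + 4])), None)
    markup = [(m.start(), m.group(1).decode().lower()) for m in MARKUP.finditer(data)]
    if frame_at is None:
        verdict = "not-mp3"
    elif markup:
        verdict = "mp3-with-markup"
    else:
        verdict = "plain-mp3"
    return {"verdict": verdict, "frame_at": frame_at, "markup": markup}

# Constructed sample inputs (not real files from the thread).
FRAME = bytes([0xFF, 0xFB, 0x90, 0x00]) + b"\x00" * 413  # MPEG-1 Layer III, 128 kbps

def id3(payload):
    """Build a minimal ID3v2.3 tag; payload must be shorter than 128 bytes."""
    return b"ID3\x03\x00\x00\x00\x00\x00" + bytes([len(payload)]) + payload

SAMPLES = {
    "song.mp3": id3(b"\x00" * 20) + FRAME,
    "renamed.mp3": b"<html><body><iframe src='http://example.invalid/'></iframe></body></html>",
    "tagged.mp3": id3(b"<iframe src=http://example.invalid/></iframe>") + FRAME,
}

if __name__ == "__main__":
    for name, blob in SAMPLES.items():
        print(name, triage_mp3(blob))
```

A `not-mp3` verdict means the extension does not match the content; `mp3-with-markup` means the audio is intact and the markup sits in the tag or padding, which is the case where a file can still play while a scanner flags it.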

@ delphinium

Ok I want to submit the file for scanning, but how do I find the file that NIS 2010 quarantined? I don’t know where NIS 2010 stored the file.

On the main NIS2010 interface, click on Quarantine.  In the list that is presented, click on the file in question and click on More Details.  In the More Details view, click on Submit to Symantec.

Um no? That wasn’t what I was asking for although you tried to help.
I want to submit to http://www.threatexpert.com/submit.aspx so that I can get instant results, not some place where I won’t ever get results back from.

Message Edited by Ravan on 12-14-2009 10:25 AM

That link is recommended as the faster method of getting results.  I don’t know where to send you for instant results.

piggybacking to ravan's unanswered question, i was at the full history tab and decided to clear the long list of entries.  surprise, surprise!  it cleared all the tabs of everything, including the existence of the only entry regarding a certain file that was quarantined. 

 

the quarantine tab had shown an entry that was "pending" after manually submitting to symantec.  now that tab is empty and the folder where the file was from does not have the file.  again, how does one submit a file to threatexpert when the file is nowhere to be found?  and is my "pending" status annihilated?

 

in my case, it's an executable installed by a program.  so i can certainly reinstall and see what happens.  an mp file poses an interesting scenario.  if there was a backup, why isn't that also quarantined?  if there wasn't a backup, a paid for download some time ago may require a new payment to re-download.  otherwise, a re-creation of the mp file, well, if and when will the quarantine kick in? 

My simple question still remains unanswered. Is there a lack of people who know what to do with the program their company developed?

THIS IS MY QUESTION:
Ok I want to submit the file for scanning, but how do I find the file that NIS 2010 quarantined? I don’t know where NIS 2010 stored the file.

Hi Ravan

 

I'm trying to do this from memory, so bear with me!  :smileywink:

 

  1. Click on 'History' under the Computer section
  2. Select the 'Unresolved Security Risks' view
  3. Select the risk from the list then click on 'More Details' (or just double click the risk that's in the list)
  4. When the new window pops up you'll see it says 'Advanced Details' and you need to look for 'View'.  Next to this it will say 'Risk Details' which you need to click on.
  5. A new window will pop up and then you need to click on the 'Details' tab. 
  6. It may have more than 1 item listed under 'Affected Area', so select the item you're interested in
  7. Under 'Details' you'll see the filename and path
:smileyhappy:

PS, I have the previous version of NIS, so I hope the information helps.

@ BelovedDaughter
Thanks but the particular MP3 file has already been quarantined, so it is listed under Resolved issues AND it does not appear where I originally stored it on my hard disk.

I want to know how to find the folder of quarantined files so that I do not have to UN-quarantine the file and risk further spread of the virus, since I do not know what the trigger for the virus is, whatever it may be.

Hi Ravan,

 

The folder you are looking for should be the QBackup folder. This would not help you much though since the files are not kept in an "open" state, they are quarantined and that basically means that Norton has removed access to those files using encryption.

 

If you want to submit the file anywhere else than to Symantec you will have to restore it from quarantine. I do not know if there are any workarounds to this.

 

The location of the QBackup varies with your OS. I am not sure on the exact path on Vista and Win7 atm but the paths below should be able to guide you to the folder.

 

WinXP: C:\Documents and Settings\All Users\Application data\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup
Vista:  C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup
Win7: C:\Users\All Users\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\Norton\QBackup

 

Regards
jAW

Oh, sorry for the misunderstanding.  Anyway, it looks as if jAW might be onto something, so I hope you get it sorted.

 

I may need to pick his/her brains too!  I've just downloaded the anti-malware program which I'm hoping will remove a mythxpak.exe file that came up as a threat on my NIS.  I tried removing it with Norton but it's a stubborn little thing!! :smileymad:  Wish me luck!


QBackup


I forgot to say that in order to be able to manually handle anything in the QBackup folder you will have to turn off Tamper Protection in Norton (Settings, Misc).

 

@BelovedDaughter

 

mythxpak.exe (Myth X Pak) could be a part of a downloaded game. If so it is likely to be inside a compressed file/folder and that could prevent Norton from deleting it or putting it in quarantine. You should be able to find the location of the file through Norton's history. You can also try to install and do a scan with Malwarebytes if you have not already. That is a good standalone scanner that might be able to help you clean out any threats in your system.

 

If you need any additional help to sort it out please start a new thread describing the issue and I'm sure that you will get well cared for. :)

 

Regards

jAW

Thanks jAW for telling me, looks like I have to think of an alternative.

And Norton can delete / put into quarantine files that are in compressed folders too (at least it can in Windows 7).