I got a fake UPS invoice a few months ago with a nasty surprise in it. Norton found the trojan, but it still got through. Now, when I do a scan with my "TimeMachine" removable drive connected by USB, Norton keeps finding 30 examples of the trojan and says that they are "fully Repaired", but they show up again on each scan that I do. If I run the scan on the laptop ONLY, it does not detect the trojans.
Is there some way of removing these trojans that I am missing???
PS- I did do the live update to make sure all the definitions are up to date!
If I follow the directions you have posted, I am not able to get the items you need. I'll let you know the differences I am seeing and you can let me know if what I am doing is OK or wrong!
First, I did a manual scan, so it does not show up on the Auto File scan. So, Under manual scan I see there are 30 entries for the trojan. Under each of the 30, it remarks that File was deleted and virus was fully repaired. These trojans are only on the TimeMachine back-up drive, so i assume that the drive contains my last 30 back-ups.
When I get to the file path, I cannot copy/paste it. It simply does not allow a right-click. I also cannot see the full filepath, no matter how I expand the window or move the bars. When I hover the cursor over the line, it has a pop-up box that does show the full path, but as soon as I move the cursor, it is gone.
But basically, the filepath is from "library/mail/pop.earthlink/junk.mbox/messages/26150.emlx.
The others are a variant of that.(some have downloaded mail paths, and attachment paths)
Let me know what I am doing wrong with the capture of the path for you. I am stumped......
The copy/paste issue in NAV is a known one we will address in a future version.
I've decided we don't need to pursue the sample uploading we discussed via email, because the problem appears to be specific to Time Machine. Here's how I would suggest removing the files manually from your backups.
1. From the Time Machine menu (upper right of screen), choose "Enter Time Machine"
2. This will put you in Time Machine, which shows a Finder-like view of the backups.
3. Navigate to the infected files (as found in your manual scan)
4. Select the files (either individually or as a group)
5. In the Tools menu (gear icon) on the Time Machine window, select "Delete All Backups of xxxx" (where xxx is the file to be removed)
You'll receive an "Are you sure" alert, but if the file is the correct one, go ahead. This should prevent future scans from detecting the backed up files.
We'll investigate this further to see if we can make this work more seamlessly in NAV. Thanks for all your help, and let me know it this doesn't work or you have more questions.
I got a fake UPS invoice a few months ago with a nasty surprise in it. Norton found the trojan, but it still got through. Now, when I do a scan with my "TimeMachine" removable drive connected by USB, Norton keeps finding 30 examples of the trojan and says that they are "fully Repaired", but they show up again on each scan that I do. If I run the scan on the laptop ONLY, it does not detect the trojans.
Is there some way of removing these trojans that I am missing???
PS- I did do the live update to make sure all the definitions are up to date!