Trojan.Gen help

Hi,

I hope I've posted this in the correct place--I apologize if I haven't. 

Tonight I got an email from my email provider, Comcast, saying that one of the computers connected to my modem had a bot and that if I hadn't already, I should download Norton.  I'm ashamed to say that I hadn't dowloaded it, but I did then and ran it on my computer and everyone else's in the house.  We all had viruses detected and I tried to delete/quarantine/remove all that was found but some have remained and say "removal failed".  I have read on here about how to remove even those trojans that say that removal has failed but I really don't understand the explanations--they seem to advanced to some so compute-challenged as myself!  I wonder if someone could help me by giving me some really basic instructions to get rid of these items that shouldn't be there.

Thanks in advance!

Manual removal instructions

 

1. From the /Applications/Utilities folder, launch Terminal

2. Type or copy and paste the following:

 

sudo rm -rf ~/Library/Caches/Java/cache/6.0

 

3. Hit "return" at the end of the line if you didn't include it above

4. If prompted for a password, enter it and hit "return"

5. To verify infections have been removed, run a NAV scan

 

If you have multiple users on the machine and are still seeing infections, try the above while logged into each of the user accounts.

On a side note, we are still trying to determine why NAV does not delete these automatically.  If anyone is willing to submit a sample, feel free to contact me via private message.

The exact same thing happened to me yesterday (email from Comcast, installed Norton, found Trojan in Java cache, etc.). When Norton didn't seem to be able to delete the file, I just deleted manually (dragged the file – actually all the Java cache files – to the trash and did a Secure Empty Trash).

 

Is that OK – or, since I didn't use the command line method mentioned in this thread, could there still be a problem?

That should be fine, as long as you had permission to move the file it should be gone now.  You can verify by manually scanning the /Library/Caches folder (e.g. drag it onto the Norton AntiVirus main window).

Thanks for your help!

Hi,

I hope I've posted this in the correct place--I apologize if I haven't. 

Tonight I got an email from my email provider, Comcast, saying that one of the computers connected to my modem had a bot and that if I hadn't already, I should download Norton.  I'm ashamed to say that I hadn't dowloaded it, but I did then and ran it on my computer and everyone else's in the house.  We all had viruses detected and I tried to delete/quarantine/remove all that was found but some have remained and say "removal failed".  I have read on here about how to remove even those trojans that say that removal has failed but I really don't understand the explanations--they seem to advanced to some so compute-challenged as myself!  I wonder if someone could help me by giving me some really basic instructions to get rid of these items that shouldn't be there.

Thanks in advance!

Lee, I am running OSX Version 10.6.8 on my iMac. My NAV scan today shows 2 Trojan.Gen  infections, repair failed.  The pathway  seems to be via   /Users/my name/Downloads/mcshdr.pkg/Contents/Archive.pax.gz

  I am not particularly computer literate but I think I have followed your online suggestions to remove these infections but without success.  I don't understand what you mean by "submit a sample".  I would be grateful for any sugestions on how to remove these Trojans

Regards....Kevin (Gilbok)

 

 

By submitting, I meant to send us a copy of the infected file to help determine why it isn't being repaired or deleted.  I can give you more instructions if you are interested.

 

To remove this one manually, you should be able to just drag the mcshdr.pkg file (found in your Downloads folder) to the trash and empty it.  If that doesn't work, let me know and we can try some other methods.