I performed a scan on my Macbook pro a couple of weeks ago and nothing was found. I did another scan today and a Trojan.Gen was found in my system library. I tried to repair the file but the "repair failed". I noticed in a similar thread on this forum that I would need to download the latest antivirus definitions, which I did.

However, I performed another scan after downloading the latest definitions, and still the "repair failed".

I also checked my Airport DNS in system preferences>>Advanced, and there is only 1 IP number, but it is grey and not black and a location IP check shows this IP is located in Marina Del Rey, Ca, while I am located in the UK.

Please could someone help.

Can you check in the activity log to see what the path to the trojan is?  I'm curious if it's in Java cache.  

You should be able to be able to manually delete the file, sorry that NAV is not doing this, but thanks for trying the latest defs.  I don't believe these Trojans actually do anything under Mac OS X, so I suspect the strange IP address is unrelated.

Hi, thanks for your reply.

Would it be possible for you to give me step by step instructions on how to find the activity log on y macbook pro, and delete the trojan manually, please.

I have just found the activity monitor in "Utilities". Is that what you meant? There seems to be a lot of activity logged, though, and there are no dates attached as far as I can see. 

Please could you specify what exactly I should be looking for.

Thanks.

In the Norton AntiVirus application, you can access the Activity Log by clicking on the blue "View recent activities..." link in the main window (Status and Scanning tab).  The path to the Trojan should be under the "Details" column.

There are a couple ways to delete the file.  If you can navigate to the folder in Finder, you can delete it there (you may need your admin password).  If not, run /Applications/Utilities/Terminal, and type:

sudo rm -f <path>

Where <path> is the path shown in Recent Activities.  You'll need your admin password here also.

I have changed the user to "MYSELF" and copied the pathway details in the activity log.

/Users/"MYSELF"/Library/Caches/Java/cache/6.0/28/68a9cc5c-1a69e973       2 Items

08/09/2010  18:21                Manual Scan                        4 Problems

The "2 Items" in my previous post are pathways to the same trojan, after scanning my system twice. The other details are identical,  so I have just written them once, to see if you can identify it, and in case details on how to delete it differ from what you have previously mentioned.

I have now found the folder where this file is located but there are two files in this folder, and both have identical numbers except that one has .idx at the end of its number.

You should be able to delete both files safely.  Thanks for verifying that the location, this is the case I suspected.  We hope to have a fix out in the near future.

Thank you!