I have Norton Security 2009 and the problem is that it has detected a Trojan Horse in my system but it doesn't remove it. It only blocks it and every 2-3 minutes an information comes up that Norton has detected a trojan horse and it has been blocked, but when I run a full scan system it doesn't finds anything.
Everytime its being detected in a sub-directory of the following directory: C:\WINDOWS\Temp\
for example: C:\WINDOWS\Temp\tqbd.tmp\svchost.exe
Request your help in removing the Trojan Horse completely?
It is possible that you have a Rootkit or another threat.
Let's rule this out.
Please download and install Malwarebytes Anti-Malware at this location. It is the new version. when you install it, update the definitions to the latest release and run a Full Scan. When complete, attach the logfile (.txt) which it will create, in this thread.
Use the Add Attachments hotspot under the orange POST button on the lower left hand side of the window pane.
The logfile will be analyzed and the next step will be posted.
I know you are running NIS 2009, but when this is resolved, I would like you to download a free upgrade to NIS 2010.
Odd that this is the 2nd thread with the exact same thing found today. The other thread was marked as solved without a solution really given. If the malwarebytes log is the same, then it may be a strange coincidence or else this is a new rootkit which is partially being found by Norton's.
While Malwarebytes might clean up the attendant malware, it will not touch the rootkit. You will need to visit one of the malware removal forums listed below for more appropriate assistance.
The danger in suggesting MBAM is that the user, as seen in the mentioned thread mistakenly believed that his problem was solved. This does the user no service and leaves him insecure.
Do you think that the OP should go directly to those sites (I am familiar with two of them) now, or first determine if it is indeed a Rootkit? There are some tools (i.e. SysProt) to produce a logfile for analysis which have been used on this forum that could help with this and not compromise the OP's system.
Please share your feelings with us. We are open to suggestions.
Do you think that the OP should go directly to those sites (I am familiar with two of them) now, or first determine if it is indeed a Rootkit? There are some tools (i.e. SysProt) to produce a logfile for analysis which have been used on this forum that could help with this and not compromise the OP's system.
Please share your feelings with us. We are open to suggestions.
TIA
Message Edited by Plankton on 01-08-2010 09:56 PM
SysProt won't show it, no point in doing useless scans
Do you think that the OP should go directly to those sites (I am familiar with two of them) now, or first determine if it is indeed a Rootkit? There are some tools (i.e. SysProt) to produce a logfile for analysis which have been used on this forum that could help with this and not compromise the OP's system.
Please share your feelings with us. We are open to suggestions.
Please do not throw such temptation in my path.
Is that the royal "we" or is there more than one of you?
While Malwarebytes might clean up the attendant malware, it will not touch the rootkit. You will need to visit one of the malware removal forums listed below for more appropriate assistance.
The danger in suggesting MBAM is that the user, as seen in the mentioned thread mistakenly believed that his problem was solved. This does the user no service and leaves him insecure.
When I nipped back to that other thread, it was too late, it had already been marked solved :-( However, I'll try to grab the poster's attention :-)
BleepingComputers is a very busy place, so you will have to wait your turn. When they do get to you, please follow their instructions to the letter. If you have any questions about what they want you to do, ask the question before you do it. I would recommend that you stay away from banking sites, and buying anything with the infected computer. In fact, use it as little as possible. The more a computer is used when it has a rootkit, the worse it may get. Please come back and let us know how you making out. Thanks.