Results 1 to 7 of 7
  1. #1
    4 Star Lounger
    Join Date
    Oct 2001
    Location
    New York, New York, USA
    Posts
    538
    Thanks
    0
    Thanked 1 Time in 1 Post

    Security Risk Found - Symantec

    Evening –
    (XP, SR2)
    When shutting down, I received this message from Symantic:

    Scan type: Auto-Protect Scan
    Event: Security Risk Found!
    Threat: Downloader
    File: Cocuments and SettingsNancy MayerLocal SettingsTemporary Internet FilesContent.IE5FC3AG7LKin[1].htm
    Location: Unknown Storage
    Computer: DG2ZPY71
    User: DG2ZPY71Nancy Mayer
    Action taken: Clean failed : Delete failed : Access denied
    Date found: Friday, November 23, 2007 3:44:55 PM

    I ran Ad-Aware, AVG Anti-Rootkit, Spyware Blaster. Nothing found.

    I ran Symantic AV again, and received “LiveUpdate was unable to update virus and security-disk definitions on your computer. Make sure that your system disk is not full and run LiveUpdate again.”

    When running it again, the 3 installed elements are
    Avenge MicroDefs25 save Corp 10
    Live Update
    Symantc antiVirus Corporate client.

    After downloading, there is an "X" next to Avenge MicroDefs…. I clicked it and see “LU1806: LiveUpdate was not able to install any of the 2 updates that you selected.”
    When I exit that screen, I see “LiveUpdate was unable to update virus and security-risk definitions on our computer. Make sure that your system disk is not full and then run LiveUpdate again.”

    Ran it again, same messages.

    I don’t know how to proceed: When I searched ocuments and SettingsNancy MayerLocal SettingsTemporary Internet FilesContent.IE5FC3AG7LKin[1].htm nothing was found.

    Googling didn't offer anything.

    Yesterday I installed KB 943460 (tho I don’t see it listed in Add/Remove programs). That’s the only new element, that I know of, on the computer.

    System restore: how to deal with that, or do I?

    I will leave the computer on until I hear what to do.

    Many thanks!

  2. #2
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Security Risk Found - Symantec

    About the security risk - I'd use the Internet Options control panel to delete all files from your cache. That should take care of the threat, if it still exists.

    About the failed updates: see Error: "LU1806: LiveUpdate was not able to install any of the <number> updates that you selected"

  3. #3
    4 Star Lounger
    Join Date
    Oct 2001
    Location
    New York, New York, USA
    Posts
    538
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Security Risk Found - Symantec

    Thank you, Hans. The first thing I did was to delete the temp internet files (I do that whenever I sign off). Intrigued by your suggesting the threat might be bogus....

    I will run the removal tool and "report back."

    Thanks for your input.

  4. #4
    4 Star Lounger
    Join Date
    Oct 2001
    Location
    New York, New York, USA
    Posts
    538
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Security Risk Found - Symantec

    Hi -

    Ran the Symantec removal tool and, so far, all is well.

    Thanks again,

    Curious

  5. #5
    4 Star Lounger
    Join Date
    Oct 2001
    Location
    New York, New York, USA
    Posts
    538
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Security Risk Found - Symantec

    I am sorry to say that I again received a Threat message from Symantc. The culprit is apparently a trojan – Downloader. According to Symantec, the risk level is low.

    I have deleted the temp files.

    Symantec’s recommendation for removal is:
    Disable System Restore (Windows Me/XP).
    Update the virus definitions.
    Restart the computer in Safe mode
    Run a full system scan and delete all the files detected as Downloader.
    Clear Internet Explorer History and files, if needed.

    [Yes, I will turn Sys Restore back on after the above steps]

    Do you agree with their recommendation?: Is there another way to handle this? I’ve never been infected so don’t know best procedure. is there ANY way to track where the trojan came from?

    Many thanks.

    The “4” threats are:
    Scan type: Auto-Protect Scan
    Event: Security Risk Found!
    Threat: Downloader
    File: COCUME~1NANCYM~1LOCALS~1TEMPOR~1Content.IE5Q4ZCAUSU 5_1_~1.HTM
    Location: Unknown Storage
    Computer: DG2ZPY71
    User: DG2ZPY71Nancy Mayer
    Action taken: Delete succeeded : Access denied
    Date found: Monday, November 26, 2007 11:22:47 AM

    Scan type: Auto-Protect Scan
    Event: Security Risk Found!
    Threat: Downloader
    Downloader: Downloader connects to the Internet and downloads other Trojan horses or components.

    File: Cocuments and SettingsNancy MayerLocal SettingsTemporary Internet FilesContent.IE5U3VFVUZCscan[1].htm
    Location: Unknown Storage
    Computer: DG2ZPY71
    User: DG2ZPY71Nancy Mayer
    Action taken: Clean failed : Delete failed : Access denied
    Date found: Monday, November 26, 2007 11:23:17 AM

    Scan type: Auto-Protect Scan
    Event: Security Risk Found!
    Threat: Downloader
    File: Cocuments and SettingsNancy MayerLocal SettingsTemporary Internet FilesContent.IE5U3VFVUZCscan[1].htm
    Location: Unknown Storage
    Computer: DG2ZPY71
    User: DG2ZPY71Nancy Mayer
    Action taken: Clean failed : Delete failed : Access denied
    Date found: Monday, November 26, 2007 11:23:33 AM

    Scan type: Auto-Protect Scan
    Event: Security Risk Found!
    Threat: Downloader
    File: COCUME~1NANCYM~1LOCALS~1TEMPOR~1Content.IE5U3VFVUZC SCAN_1~1.HTM
    Location: Unknown Storage
    Computer: DG2ZPY71
    User: DG2ZPY71Nancy Mayer
    Action taken: Delete succeeded : Access denied
    Date found: Monday, November 26, 2007 11:23:49 AM

  6. #6
    Plutonium Lounger
    Join Date
    Mar 2002
    Posts
    84,353
    Thanks
    0
    Thanked 29 Times in 29 Posts

    Re: Security Risk Found - Symantec

    I'd start by clearing your Temporary Interner Files as before, then run a scan to see if the risk is still found. If so, I'd follow the recommendation.

  7. #7
    4 Star Lounger
    Join Date
    Oct 2001
    Location
    New York, New York, USA
    Posts
    538
    Thanks
    0
    Thanked 1 Time in 1 Post

    Re: Security Risk Found - Symantec

    Thanks, Hans.

    The full scan reported No Threats (had reported no threats on Nov 23, also). Fingers crossed that this will delete the trojan and that I won't have to do the Symantec procedure.

    Appreciate your time,

    Curious

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •