Mrs. Muddled Posted December 13, 2006 Posted December 13, 2006 Okay, now I'm good and frustrated. I am very careful with my computer. I run my Shaw Secure virus checker every day. It's actually F-secure, only the local Shaw guys run it. It is my virus checker and my firewall. It usually does a good job. I'm not complaining - well maybe a little. Every couple of weeks I run an internet Trend Micro ... just to make sure Shaw isn't missing anything. So, Sunday I run a Trend Micro and BOOM, up comes an alert in the middle of the screen. It's under the F-Secure Banner. Malicious code found in the file C: .... etc. It's in my temp file. Well, you know the story - I finish running TM. It can't do anything about this trojan. I clear out everything. I even do a system restore to the last week! I defrag. I run Clean up! Nada. It isn't showing up on my virus scan - but there it is every time I run Trend Micro. It just keeps giving itself a new name. I call Shaw. I call Shaw four times. I do everything they suggest. They have never heard of this trojan. Great. I can tell they haven't a clue what to do. Shaw tells me to write to F-Secure (their parent company) and see if they've ever heard of it. I do. No reply yet. It's not on their list either. There is something similar, but not the same. It is also an openstream. It's malware. When I Googled it it came back as High risk and suggests removing it. Great. I've spent the day on this - and I'm not gettin' any younger here! Did I mention Shaw told me to try the program called Trojan Hunter? Well they did, and I did. Computer came up clean. The trojan isn't on their list either. So, I wrote to them. I got a one liner back saying to clear out my temp file and turn off my virus checker when I do that. My temp file IS empty! Was there some part of that suggestion I'm not catching? If you have any idea how I can get this "thing" off my computer I'd be your new best friend. Cheers & best of the season to you! Quote
Mrs. Muddled Posted December 14, 2006 Author Posted December 14, 2006 I have just run Symantec's web based virus checker. It came up with this: C:\Program Files\Mail PassView\mailpv.exe is infected with Hacktool.PassReminder It didn't spot the one I originally told you about. Now I'm REALLY worried! Quote
Madmanmcp Posted December 14, 2006 Posted December 14, 2006 (edited) Mrs Muddled, try rebooting your computer into "safe-mode" and then run your virus scanners, Trojan Hunter, and whatever else you had. Reboot again into normal Windows and check again. Edited December 14, 2006 by Madmanmcp Quote
TCH-Thomas Posted December 14, 2006 Posted December 14, 2006 To remove the first one, please see: http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?ID=53968 The Hacktool.PassReminder might need to be deleted manually by removing the directory "Mail PassView" located in program files, if I understand several google search results correct. Quote
carbonize Posted December 14, 2006 Posted December 14, 2006 C:\Program Files\Mail PassView\mailpv.exe sounds more like something somebody has installed on your computer as most viruses hide themselves in the various windows folders. I used to use Avast anti virus until one day I decided to upload a file I had just run to a site that checks it with various anti virus engines and nearly every other anti virus engine detected it as a virus. I now use Active Virus Shield which is made by AOL but uses the Kaspersky engine. Quote
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.