I have a trojan horse virus. NAV has detected it, but can't repair or remove it, so it is quarantined. I have deleted it from the NAV quarantined files, but it keeps surfacing and getting "re-detected", so I quarantine it again. I emailed NAV support and got this response: "filename: C:\WINDOWS\system32\svc.exe machine: G7V0X3 result: This file is infected with Trojan Horse Developer notes: C:\WINDOWS\system32\svc.exe is non-repairable threat. NAV with the latest beta definition detects this. Please delete this file and replace it if neccessary. Please follow the instruction at the end of this email message to install the latest beta definitions. The current monthly definitions are capable of detecting and repairing this virus. Please update your definitions by clicking the "LiveUpdate" button in your NAV program. " I followed their directions, but no luck. When I do a search on my hard drive for the file,it can't be found. I downloaded Tauscan and ran it, and it says I don't have a trojan horse virus. how do I get this out of my system? Thanks for helping!

Here is more info on your trojan. http://www.esecurityplanet.com/alerts/article.php/3095901 Restart to safe mode and run msconfig > startup tab UNselect SVC Also, browse to \System32 and delete SVC.exe Reboot Also, start running NAV in autoprotect mode. Then any virus/trojan will be detected on the way in, not after the fact.

Hi Ken, Unfortunately, running MSCofig and unchecking this does nothing to CURE the problem, it will remove it until you get hit again by it. MSCofig is for troubleshooting, not fixing problems. To check & uncheck an item is only for finding the culprit and then taking proper actions. I tell my customers that they should always be running in normal mode. I have not personally worked on this problem but have checked with some other techs. I am told by two different techs that running AD-Aware from www.lavasoftusa.com will detect this and remove it. Both techs said their customers got the exact same email from NAV and are both still waiting for a follow up response. If you are inexperienced with SpyWare removal tools, be VERY careful as these also edit and/or delete keys in your registry that can render your computer unbootable. If you choose to run Ad-Aware, just work with this particular problem (SVC.EXE)until you can research other items found. Good luck

Thanks for the info, I'll let you know how things go! Ken