Download Trojan/Belt.cab

[Long Drive]

First post so here we go -
Okay - what next? My Norton AV found Belt.cab and Belt.exe infected with
Download Trojan. I followed the recommendations from the Norton Anti-virus
and can't delete the files. (See
http://securityresponse.symantec.com/avcenter/venc/data/download.trojan.html)
Should I try to delete the files manually or what?
Thanks for your help-
Ed

 

[wsb1234null]

Should I try to delete the files manually or what?

Boot into safe mode so the file isn't loaded at startup then delete
it.

 

[David H. Lipman]

I think I have found it and it isn't a Trojan but it is malware.

McAfee calls this "IPSentry Application" - http://vil.nai.com/vil/content/v_100622.htm

Look in the Registry for the following info.

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
"SENTRY = "[Location from where the file is executed] \Sentry.exe"

McAfee Command Line scanner log using "/program" switch.
C:\Documents and Settings\lipman\Local Settings\Temp\Belt.cab\Belt.exe ... Found application
IPSentry.
C:\Documents and Settings\lipman\Local Settings\Temp\Belt.exe ... Found application
IPSentry.


Dave


| First post so here we go -
| Okay - what next? My Norton AV found Belt.cab and Belt.exe infected with
| Download Trojan. I followed the recommendations from the Norton Anti-virus
| and can't delete the files. (See
| http://securityresponse.symantec.com/avcenter/venc/data/download.trojan.html)
| Should I try to delete the files manually or what?
| Thanks for your help-
| Ed
|
|