Symantec Dregs

I finally resolved an annoying series of “Win32:Trojan-gen {Other}” thanks to DavidR’s tip about Symantec live update applications: http://forum.avast.com/index.php?topic=36812.0

Instances of the “Win32:Trojan-gen {Other}” occurred in several locations (Program Files & System Restore), but in all cases, the offending files seemed to originate from Symantec (file names included SymLT.MSI, SymLCSVC, etc.)

I had eliminated Norton Antivirus a very long time ago, using Norton’s Removal Tool. However, I totally forgot that I still had an old copy of Norton Ghost on my computer.

Following DavidR’s advice, I checked in C:\Documents and Settings\All Users\Application Data\Symantec\LiveUpdate, & I found the LiveUpdate culprit. (Those sneaky so-and-so’s!)

I uninstalled Norton Ghost, then scoured my computer for any possible remnants, which I deleted.

Once that was taken care of, I disabled System Restore, then rebooted (purging old System Restore points), and voila: No more Symantec c**p!

But I still have a question:
I’ve run plenty of Avast scans, but these Symantec-based “Win32:Trojan-gen {Other}” warnings never occurred until fairly recently. Why is that?
Had the Symantec LiveUpdates changed in some nefarious way, or has Avast only recently begun to identify them?
Just wondering…

The “Win32:Trojan-gen {Other}” definition was probably updated to catch more malware. Unfortunately this seems to have generated a few false positives too.

Welcome to a Symantec-clean computer :wink:

Indeed, besides the final judgment about these files, seems that they are false positives and not really infected ones. Symantec is bad, but it’s not a malware source.