GR_Ranger 0 Posted May 1, 2008 Share Posted May 1, 2008 (edited) I just got my first virus detected by norton in a while - [url=http://www.symantec.com/security_response/writeup.jsp?docid=2003-090514-4048-99&tabid=1 Anyways, my norton security 2008 found 7 of these and says they're all resolved. Here's the summery - Trojan.ByteVerify Virus ID: 36538 Type: Compressed Risk: High (High Stealth, High Removal, High Performance, High Privacy) Categories: Virus State: Fully Resolved ----------- 1 File [counter.class] inside of [c:\documents and settings\tyrone\application data\sun\java\deployment\cache\6.0\0\7dc6f380-4651d8e3] - Deleted Trojan.ByteVerify Virus ID: 36538 Type: Compressed Risk: High (High Stealth, High Removal, High Performance, High Privacy) Categories: Virus State: Fully Resolved ----------- 1 File [dummy.class] inside of [c:\documents and settings\tyrone\application data\sun\java\deployment\cache\6.0\0\7dc6f380-4651d8e3] - Deleted Trojan.ByteVerify Virus ID: 36538 Type: Compressed Risk: High (High Stealth, High Removal, High Performance, High Privacy) Categories: Virus State: Fully Resolved ----------- 1 File [parser.class] inside of [c:\documents and settings\tyrone\application data\sun\java\deployment\cache\6.0\0\7dc6f380-4651d8e3] - Deleted Trojan.ByteVerify Virus ID: 36538 Type: Compressed Risk: High (High Stealth, High Removal, High Performance, High Privacy) Categories: Virus State: Fully Resolved ----------- 1 File [getaccess.class] inside of [c:\documents and settings\tyrone\application data\sun\java\deployment\cache\6.0\45\413ced2d-349b4072] - Deleted Trojan.ByteVerify Virus ID: 36538 Type: Compressed Risk: High (High Stealth, High Removal, High Performance, High Privacy) Categories: Virus State: Fully Resolved ----------- 1 File [installer.class] inside of [c:\documents and settings\tyrone\application data\sun\java\deployment\cache\6.0\45\413ced2d-349b4072] - Deleted Trojan.ByteVerify Virus ID: 36538 Type: Compressed Risk: High (High Stealth, High Removal, High Performance, High Privacy) Categories: Virus State: Fully Resolved ----------- 1 File [newsecurityclassloader.class] inside of [c:\documents and settings\tyrone\application data\sun\java\deployment\cache\6.0\45\413ced2d-349b4072] - Deleted Trojan.ByteVerify Virus ID: 36538 Type: Compressed Risk: High (High Stealth, High Removal, High Performance, High Privacy) Categories: Virus State: Fully Resolved ----------- 1 File [newurlclassloader.class] inside of [c:\documents and settings\tyrone\application data\sun\java\deployment\cache\6.0\45\413ced2d-349b4072] - Deleted Looks like they were all in my java cache, so I went into the Jave control panel and emptied the cache after the scan. I also did not notice any of the symptoms mentioned so hopefully the virus was not executed? I mean, if a virus were actively doing things Norton Autoprotect would notice it right? Any ideas on where I might have caught this virus from? Edited May 2, 2008 by GR_Ranger Quote Link to post Share on other sites
oshead 0 Posted May 2, 2008 Share Posted May 2, 2008 sry, i don't know where you could have gotten it from but a good idea is to use only trusted programs and trusted sites with any plug-in. social networking sites should not be trusted sites. also, with plug-ins like flash and java you can turn off storing files locally on your computer. in your case, specifically, just open the java control panel in your windows control panel, then click on "settings" under the heading "temporary internet files" and uncheck the "keep temporary internet files on my computer." also, always remember to keep all your plug-ins updated. it doesn't matter if it is quicktime, real, move, flash, java, shockwave, adobe reader, or whatever else is out there. if it is a plug-in for a program on the net, keep it updated. you may know this but others may not and as a computer repair tech i see way too many cpu's brought in by ppl who refuse to do this simple task: update. btw, as much as i loathe norton, glad it is working for you. it is a good thing to have a trusted av and firewall running at all times and props to somebody who is doing that, no wonder it is your "first virus detected...in a while" Quote Link to post Share on other sites
KRP 56 92 Posted May 2, 2008 Share Posted May 2, 2008 Got same type of virus on 4-16 and McAfee cleaned it out for me. Reading their statement said it usually is contacted just by visiting an infected web site. Can't say exactly what web site I may have contacted it from but I remember looking at a few web sites that had music album cover art listings when McAfee poped up and said it removed that virus. Quote Link to post Share on other sites
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.