Solved

hotmail told me a file was virus free....they were wrong....what can i do?

Posted on 2004-10-19
14
569 Views
Last Modified: 2010-04-11
I got a hotmail message and for the first time ever, their virus detection system failed. It told me there was no virus detected but it had one and it happened quick because I was not expecting it since hotmail told me it was not detected. It is located in documents/temp. and was some sort of "worm". It told me to open my AVG to locate and remove it. But, AVG did not find it. I do not know the precise location of this virus. What I gave above was what I quickly saw. I remember seeing the word temp or temporary. While AVG was running a scan, I went to control panel, internet options and deleted the cache.
Would this alone have removed the virus?
why did hotmail miss it?
why does AVG not find it?
how can I find it?
0
Comment
Question by:nickg5
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 3
  • 2
  • +4
14 Comments
 
LVL 2

Expert Comment

by:cofneverlivetotell
ID: 12355614
Well HMail do state that theie virus scans are not perfect and hold no responsibility for you getting infected.  If you are, then get something like symantec or sophos anti-virus with latest patches and try them with it.  If it has installed itself then clearing the internet cache will not help you.

CHeers
Cof
0
 

Expert Comment

by:tungduong
ID: 12355883
AVG may not detected all the virus. I as thinks, NAV may be the best anti-virus program. You can download one of Norton Antivirus Version and update newest virus definition, run and try to detect.

I dont know exactly where to download trial version of NAV2005 but you can search it through the google.com.

BR,
0
 
LVL 9

Accepted Solution

by:
TannerMan earned 40 total points
ID: 12356738
Do not EVER count on any single antivirus detection system to catch everything. Especially from a free mail system. At least that is my opinion. However, not to just be critical I do offer a suggestion. Go to the TrendMicro Systems link I have included and it will scan your system with "their" latest virus pattern file. If the virus at hand has been dealt with by their folks, then it should detect it. You can also research on that site as well. Hope it helps.
http://housecall.trendmicro.com/

0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 3

Expert Comment

by:jbedwar1
ID: 12359402
also... seeing how it went to a temp folder supposedly.  If it were my machine i'd just do a search for Temp and clear out all the temp folders that i Had.  Then if that is where it was located, i'd be sure to get it.  Housecall is a good suggestion... i use it often, Along with Ad-aware and Spysweeper (for Ads and Spyware).
0
 
LVL 15

Assisted Solution

by:greyknight17
greyknight17 earned 25 total points
ID: 12360168
Use AVG and TrendMicro. I personally use AVG and get the frequent updates for it.  Some say Norton is better, others say AVG.  I used Norton and didn't like it, but it's just my view/opinion.  It's best to use this with TrendMicro since they probably have a last minute up-to-date definition files there.

If you have XP or other versions which has multiple accounts, clearing the Temp folder can be tedious.  I recommend using a free program to do the job easier.

The Temp folders should be cleaned out periodically as installation programs and hijack programs leave a lot of junk there.  Download Index.dat Suite (http://www.it-mate.co.uk/support/idsuite.asp) to clean out all the temp folders.

Run Index.dat Suite now and go to Tools->Settings.  Then make sure to check the following: Cookies, History, Recent Documents, Swap File (if you have Windows 95/98), Temporary Internet Files and Temp Files.  Click Save at the bottom.  Then click on the Find button.  Let it search.  Then click on the second button on the top.  This will generate a batch file.  Click Next->Next->Next and it will tell you that after the next reboot/restart you the file should run by itself and startup and clean all those files.  You can also go into My Computer->C: Drive and double click on the run.bat file to clean up all the temp files.

Hope that helps.
0
 
LVL 5

Expert Comment

by:Bidonet
ID: 12362597
First, how did you find that you have a virus?

From what you are saying, you may not have any virus at all.

Use this free online tool to find out: http://housecall.trendmicro.com/
0
 
LVL 3

Expert Comment

by:jbedwar1
ID: 12362737
I sometimes wonder if people even read the previous suggestions before saying the exact same thing with nothing new.
0
 
LVL 25

Author Comment

by:nickg5
ID: 12363733
Bidonet:
I had a file attatched to a hotmail message. It told me "no virus found". so I opened it. Upon openig it my system notified me of the virus and its location. It said "use you AVG" to remove the virus, but AVG did not find it. All, I did was delete temp files as it seemed that was the file/folder/location where the virus went. So, I assume it is still on my system somewhere.

I'll try all the above solutions.
0
 
LVL 25

Author Comment

by:nickg5
ID: 12365505
here is what housecall found:
5 infected files in C:documents
all were non cleanable
three had java bytever.a
one had joke winavoid.a
and one had joke geschenk.a
they were deleted
can anyone tell me what kind of virus's they were?
 java and joke are the key words.

0
 
LVL 9

Expert Comment

by:TannerMan
ID: 12368985
From www.antivirus.com, the same place as the housecall application, you can research the viruses by name.
Glad the suggestion worked.
0
 
LVL 3

Assisted Solution

by:jbedwar1
jbedwar1 earned 25 total points
ID: 12369457
0
 
LVL 3

Expert Comment

by:jbedwar1
ID: 12369481
If housecall doesnt allow you to delete them with it's delete key (which the java one probably wont...dont know about the other).  Then you should try going directly to the location of the file and select it..then do a Shift-Delete (bypassing the trash bin).  If that doesnt allow you to delete it that way, you might have to either go through dos prompt and delete it, or boot into safe mode and delete it.  Be sure to write down exact locations of the documents.
0
 
LVL 5

Assisted Solution

by:Bidonet
Bidonet earned 25 total points
ID: 12369489
- The JAVA (Bytever.a) is a javascript malware that affects Internet Explorer:

This malware is a component of a malicious Java archive file (JAR) that resides in a malicious Web site. Machines infected with the malware JS_FORTNIGHT.B are redirected to this Web site.

This malware calls and executes another malware, JAVA_JJBLACK.C, which results in modifications to the browser and registry settings of the infected system.

This is TREND MICRO's detection for JAVA classes that exploit a known vulnerability in Microsoft Virtual Machine in Windows Operating Systems and Internet Explorer. This flaw allows malicious users to execute codes of his or her choice when a user visits an infected Web site.

- The JOKE ones are only jokes like a little funny program that you can close because the close button is getting away from your mouse pointer, etc. "It is not a virus and is therefore, not a threat to a system."

- Make sure you have latest updates from www.windowsupdate.com
0
 
LVL 5

Expert Comment

by:Bidonet
ID: 12369505
0

Featured Post

Ransomware - Can it be prevented?

Worried about ransomware attacks hitting your organization?  The good news is that these attacks are predicable and therefore preventable. Learn more about how you can  stop a ransomware attacks before encryption takes place with WatchGuard Total Security!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
This article demonstrates probably the easiest way to configure domain-wide tier isolation within Active Directory. If you do not know tier isolation read https://technet.microsoft.com/en-us/windows-server-docs/security/securing-privileged-access/s…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question