Re: trojan horse problem?

From: Dave (noone_at_nowhere.com)
Date: 05/29/04 

Date: Sat, 29 May 2004 15:29:51 -0000

"RC" <anonymous@spoof.com> wrote in message
news:%23uXCZgYREHA.3124@TK2MSFTNGP12.phx.gbl...
> win platform is me. Running grisoft free version av. Running za free
> firewall. Use adaware, spybot s&d, cwshredder and spyware blaster. All
are
> current and up to date. Now for query. I went to hp's update site and
they
> advised me to go to 'symantec security check' web site and check my
system's
> security and anti virus protection:
>
http://security.symantec.com/sscv6/default.asp?productid=hp&langid=ie&venid=hp

must be a new deal between hp and symantec

>
> Well, I proceeded thinking that nothing would come of it since I've been
> updating and running the above programs religiously. Under the security
> check, symantec said that I didn't have a firewall installed and I didn't
> have any anti virus program installed and advised me to install both. It
> suggested Norton Internet Security and Norton Personal Firewall.

but of course, what else would they suggest!

>
> Under the anti virus section it found a trojan horse in the following
file:
> c:\windows\Application
>
Data\Sun\Java\Deployment\cache\javapi\V1.0\jar\counter.jar-bfc4edd-6b18bb8b.
> zip. A while back I remember avg screen popping up saying it found a
virus
> relating to the above, but the screen shut down immediately and went back
to
> windows. Is it safe to delete the above file? Is this a legit file that
> should be cleaned rather than deleted? If so, how do I go about cleaning
> the file since none of the programs I'm running detects it.

well, are you sure you are running them? there are some tricky
trojans/viruses that shut off the virus protection without you knowing it.
that could be why symantec doesn't think you are running one. try one of
the other free web av scanners for a second opinion... and maybe try running
your scan in safe mode.

>
> BTW Is the fact that symantec not finding any anti virus and firewall
just
> some kind of gimmick to get you to try their products?

the av could be shut off, i don't know of any viruses that shut off za, but
that doesn't mean there aren't any. there are other web sites that will do
a port scan of your machine to see if za is working, or you could just
remove access permissions for ie or something else obvious and see if it is
really working.

Relevant Pages

  • Re: trojan horse problem?
    ... Symantec doesn't not recognize any security products except their own. ... symantec said that I didn't have a firewall installed and I didn't ... > have any anti virus program installed and advised me to install both. ...
    (microsoft.public.security)
  • Re: trojan horse problem?
    ... Symantec did find one open port. ... >> advised me to go to 'symantec security check' web site and check my ... symantec said that I didn't have a firewall installed and I ... >> have any anti virus program installed and advised me to install both. ...
    (microsoft.public.security)
  • Re: Security Centre Icon Gone After Upgrading Symantec
    ... > * We installed Symantec Security Client, ... but disabled the Firewall cause we don't need it. ... > the Windows firewall and that it wasn't needed because of the Symantec ...
    (microsoft.public.windowsxp.security_admin)
  • Re: Multiple Symantec Firewall Secure Webserver timeout DoS
    ... Symantec Firewall Secure Webserver timeout DoS ... Advanced IT-Security, a Scandinavian security consultancy, notified ... name CAN-2002-0990 to the SEF HTTP_CONNECT Secure Webserver DoS. ...
    (Bugtraq)
  • trojan horse problem?
    ... Running grisoft free version av. ... advised me to go to 'symantec security check' web site and check my system's ... symantec said that I didn't have a firewall installed and I didn't ... have any anti virus program installed and advised me to install both. ...
    (microsoft.public.security)
Loading