locked
Firewall or Antivirus Problem? RRS feed

  • Question

  • Help!!!!  This has been going on for a week, and I've tried everything I can think of.

     

    Here's what I apparently picked up:

    Exploit:HTML/Iframebof.gen

    Exploit:Java/ByteVerify.D

    Exploit:Java/ByteVerify.E

    TrojanDownloader:Java/Agent.B

     

    OneCare alerted me, and I thought appropriate action was taken.  The files were quarantined, and I was advised to remove the software immediately . . . but not how to go about it.  I thought OneCare was supposed to do that.  Anyway, the only option I was given was to delete or restore the files, so I deleted them.

     

    Since then, a whole flurry of email has gone out to folks in my address book that I haven't corresponded with in years.  I had no idea it was happening until I got a couple of nasty replies and then a pile of delivery failure notifications.  Doesn't OneCare monitor outbound email for suspicious activity?

     

    I've also noticed that the firewall keeps getting turned off - I switched to Windows firewall, the same thing happens.

     

    I've dumped caches - Java, IE, Firefox.  I've scanned with several different apps and the removal tool.  But the email marches on.

     

    Dell laptop - Intel Core@ T7200 2.00GHz

    2GB RAM

    Vista Ultimate

    Office 2007 Ultimate SP1

    IE 7.0.6000.16691IS

    Firefox 2.0.0.14

    Java 1.6.0-oem-b104

    email clients Outlook 2007 and Windows Live 2008 (12.0.1606)

     

    I have screen shots of the OneCare notifications if that would help - any assistance you guys can offer would be very much appreciated!

    Sunday, June 22, 2008 4:14 AM

Answers

All replies

  • I suggest contacting support for help with removing the malware from your computer. How to reach support - http://forums.microsoft.com/WindowsOneCare/ShowPost.aspx?PostID=2421771&SiteID=2

    Sunday, June 22, 2008 4:19 AM
    Moderator
  • Thanks, Jim - I'm assuming that I'll have to start that process with Qwest Communications, since my OneCare subscription is provided with my DSL service?  Based on previous experiences, that's not a very attractive option . . . maybe I should just go back to Norton, too. 

    Sunday, June 22, 2008 6:08 AM
  • I'm not sure of who provides support for One Care/Quest but I would try One Care support first. There are a few things you can try which might help. Update Windows, Office, and Java. Run a One Care scan in safe mode. How to scan with One Care in safe mode - http://support.microsoft.com/kb/925222/en-us  If the One Care scan detects any malware create a support log ( Open One Care>Change Settings>Logging>Create Support Log ). The support log will open in a web page and if you scroll down to the antivirus section any detections with their locations will be listed.

     

    Sunday, June 22, 2008 1:58 PM
    Moderator
  • Thanks, Jim - the safe mode scan says there's nothing there.

     

    Just curious, how would I go about creating a support log in safe mode if I needed to?

     

    Sunday, June 22, 2008 4:50 PM
  • Oops. I don't think you can create a support log in safe mode.

     

    Sunday, June 22, 2008 6:10 PM
    Moderator
  • Jim is correct that support is the way to go and you are correct, that it would be Qwest in your case. However, you can also call Microsoft -

    If you are in North America, you can call 866-727-2338 for help with virus and spyware infections. See http://www.microsoft.com/protect/support/default.mspx for details. For international information, see your local subsidiary Support site.

     

    -steve

    Monday, June 23, 2008 6:02 PM
    Moderator
  • Thanks for your help. guys.  Qwest just advised me to take the computer somewhere to have them help me reformat the hard drive - didn't even offer to send me on to Microsoft support.  I've already sent in a support request to Microsoft.  Gosh, I had almost forgotten why I refuse to run an OEM OS, or anything else, for that matter.  I don't need any help reformatting the hard drive, but I'm not going there just yet.  I did manage to stop the flood of emails by simply removing the account that was used from Outlook and WinLive, duh.  I don't know if it's capable of finding another, but it hasn't yet.
    Monday, June 23, 2008 7:11 PM
  • Please do keep us posted and sorry about the Qwest support. Did you try calling the number I provided? They specialize in removing malware and it isn't limited to OneCare users.

    -steve

    Tuesday, June 24, 2008 1:32 AM
    Moderator