
ADDAWARE keeps downloading trojan

 
 
mstrspy
 
      26th Nov 2005
Every time I update and run Lavasoft Addaware My Norton Anti virus
picks up Trojan.ByteVerify. What is this? Should I stop using Addaware?
I thought it was supposed to be good.
M
 
 
 
 
 
David H. Lipman
 
      26th Nov 2005
From: "mstrspy" <(E-Mail Removed)>

| Every time I update and run Lavasoft Addaware My Norton Anti virus
| picks up Trojan.ByteVerify. What is this? Should I stop using Addaware?
| I thought it was supposed to be good.
| M

It has nothing to do with Ad-Aware. It is only a coincidence.

1) Dump the contents of your IE cache -
Start --> settings --> control panel --> Internet options --> delete files

2) Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
Tools --> Options --> Privacy --> Cache --> Clear

3) Dump the contents of your Sun Java cache -
Start --> settings --> control panel --> Java applet --> cache --> clear
or
Start --> settings --> control panel --> Java applet --> general --> settings -->
delete files

4) Re-scan your system with NAV.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
 
Duane Arnold
 
      26th Nov 2005
mstrspy <(E-Mail Removed)> wrote in
news:(E-Mail Removed):

> Every time I update and run Lavasoft Addaware My Norton Anti virus
> picks up Trojan.ByteVerify. What is this? Should I stop using Addaware?
> I thought it was supposed to be good.
> M


I got Ad-Aware on my machine but I hardly use it. However, Ad-Aware does
have an Ignore list and I have used that a time or two.

Duane
 
 
Noel Paton
 
      26th Nov 2005

"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:rG5if.5699$6e5.1166@trnddc09...
> From: "mstrspy" <(E-Mail Removed)>
>
> | Every time I update and run Lavasoft Addaware My Norton Anti virus
> | picks up Trojan.ByteVerify. What is this? Should I stop using Addaware?
> | I thought it was supposed to be good.
> | M
>
> It has nothing to do with Ad-Aware. It is only a coincidence.
>
> 1) Dump the contents of your IE cache -
> Start --> settings --> control panel --> Internet options --> delete files
>
> 2) Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
> Tools --> Options --> Privacy --> Cache --> Clear
>
> 3) Dump the contents of your Sun Java cache -
> Start --> settings --> control panel --> Java applet --> cache --> clear
> or
> Start --> settings --> control panel --> Java applet --> general --> settings -->
> delete files
>
> 4) Re-scan your system with NAV.
>
>


I wouldn't necessarily call it a coincidence, Dave - I had similar problems
for a while, and isolated the cause.
What it is, is that AdAware in full-scan mode opens compressed files to
test them - and it's the decompressed temp file that the AV then tags as a
virus (or whatever) - it can be a bitch to work out exactly which file is
causing the problem, as the temp file created by AdAware doesn't necessarily
have either a recognisable name, or source.

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's


 
 
David H. Lipman
 
      27th Nov 2005
From: "Noel Paton" <(E-Mail Removed)>


| I wouldn't necessarily call it a coincidence, Dave - I had similar problems
| for a while, and isolated the cause.
| What it is, is that AdAware in full-scan mode opens compressed files to
| test them - and it's the decompressed temp file that the AV then tags as a
| virus (or whatever) - it can be a bitch to work out exactly which file is
| causing the problem, as the temp file created by AdAware doesn't necessarily
| have either a recognisable name, or source.
|

I wanted to keep it simple. I didn't want him to stop using Ad-aware. But you are
right.

As Ad-aware scans the system it is opening Java Jars and scanning .CLASS files and as they
are extracted from the Java Jars (ZIP type archive file) NAV's "On Access" scanner is
catching a .CLASS file that is the JS/ByteVerify Trojan and NAV is notifying the user.

I should have fully explained that instead of being lazy and not going into full detail.

Dumping the Browser and Sun Java caches will remove the Java Jars and thus mitigate further
NAV notifications.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
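
For the situation described in the two posts above (an alert on a temp file whose source archive is not obvious), one way to list the `.class` files held inside cached JAR/ZIP archives without extracting anything to disk. This is an added example, not part of the original thread; the directory to scan, the name filter and the `MAX_MEMBER` size cap are assumptions, and the sample archive is constructed.

```python
import hashlib
import os
import tempfile
import zipfile
import zlib

MAX_MEMBER = 5 * 1024 * 1024  # assumed cap: do not hash members larger than this

def find_class_entries(root, name_filter=""):
    """Return (archive, member, size, sha256) for each .class file inside any
    ZIP-format archive under root. Members are read into memory only, so this
    script writes no extracted temp file to disk."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for fname in files:
            path = os.path.join(dirpath, fname)
            try:
                # Cached JARs may not keep a .jar name, so test the content.
                if not zipfile.is_zipfile(path):
                    continue
                with zipfile.ZipFile(path) as zf:
                    for info in zf.infolist():
                        member = info.filename
                        if not member.lower().endswith(".class"):
                            continue
                        if name_filter.lower() not in member.lower():
                            continue
                        digest = None
                        if info.file_size <= MAX_MEMBER:
                            digest = hashlib.sha256(zf.read(info)).hexdigest()
                        hits.append((path, member, info.file_size, digest))
            except (OSError, RuntimeError, zipfile.BadZipFile, zlib.error):
                continue  # unreadable, encrypted or corrupt archive: skip it
    hits.sort(key=lambda h: h[:2])
    return hits

def demo(name_filter="placeholder"):
    """Constructed sample: one JAR holding a harmless placeholder .class file."""
    with tempfile.TemporaryDirectory() as root:
        with zipfile.ZipFile(os.path.join(root, "cached-applet.jar"), "w") as zf:
            zf.writestr("demo/Placeholder.class", b"\xca\xfe\xba\xbe" + b"\x00" * 12)
            zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        with open(os.path.join(root, "notes.txt"), "w") as fh:
            fh.write("not an archive")
        found = find_class_entries(root, name_filter)
        return [(os.path.basename(p), m, s) for p, m, s, _d in found]

if __name__ == "__main__":
    for row in demo():
        print(row)
```

Pointing `find_class_entries` at the browser or Java cache directory gives the archive path for each class file, which is the file to delete or submit for analysis.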


 
 
Trev
 
      27th Nov 2005
On Sun, 27 Nov 2005 01:57:39 GMT, "David H. Lipman"
<DLipman~nospam~@Verizon.Net> wrote:

>I wanted to keep it simple. I didn't want him to stop using Ad-aware. But you are
>right.


The truth will out.
 
 
Noel Paton
 
      27th Nov 2005
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:no8if.2082$tg3.985@trnddc02...
> From: "Noel Paton" <(E-Mail Removed)>
>
>
> | I wouldn't necessarily call it a coincidence, Dave - I had similar problems
> | for a while, and isolated the cause.
> | What it is, is that AdAware in full-scan mode opens compressed files to
> | test them - and it's the decompressed temp file that the AV then tags as a
> | virus (or whatever) - it can be a bitch to work out exactly which file is
> | causing the problem, as the temp file created by AdAware doesn't necessarily
> | have either a recognisable name, or source.
> |
>
> I wanted to keep it simple. I didn't want him to stop using Ad-aware. But you are
> right.
>
> As Ad-aware scans the system it is opening Java Jars and scanning .CLASS files and as they
> are extracted from the Java Jars (ZIP type archive file) NAV's "On Access" scanner is
> catching a .CLASS file that is the JS/ByteVerify Trojan and NAV is notifying the user.
>
> I should have fully explained that instead of being lazy and not going into full detail.
>
> Dumping the Browser and Sun Java caches will remove the Java Jars and thus mitigate further
> NAV notifications.
>


It's not that tightly-knit, actually!
I had a couple of zipped email attachments in a folder - which AVG couldn't
find anything wrong with.
When Ad-Aware came across them, AVG would pop up with an alert.
Neither on their own could detect the enclosed (Swen??) virus - but together
they could. - Seems that AdAware's unpacker was more effective than AVG's at
the time.

--
Noel Paton (MS-MVP 2002-2006, Windows)

Nil Carborundum Illegitemi
http://www.crashfixpc.com/millsrpch.htm

http://tinyurl.com/6oztj

Please read http://dts-l.org/goodpost.htm on how to post messages to NG's


 
 
David H. Lipman
 
      27th Nov 2005
From: "Noel Paton" <(E-Mail Removed)>


| It's not that tightly-knit, actually!
| I had a couple of zipped email attachments in a folder - which AVG couldn't
| find anything wrong with.
| When Ad-Aware came across them, AVG would pop up with an alert.
| Neither on their own could detect the enclosed (Swen??) virus - but together
| they could. - Seems that AdAware's unpacker was more effective than AVG's at
| the time.
|

That's possible.

Art ran a News Group experiment several weeks ago. He posted several URLs of sites posting
installers for various freebies. Each installer was tested and some AV couldn't see in the
files within these self extracting installation archive files. Kaspersky and NOD32 seemed
to do the best.

McAfee scored poorly and when I contacted McAfee/AVERT so they can add more decompression
algorithms to the Engine v5000 Beta they indicated that the infectors will be found when the
installer is executed as the files are extracted.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 
 
Art
 
      27th Nov 2005
On Sun, 27 Nov 2005 15:18:58 GMT, "David H. Lipman"
<DLipman~nospam~@Verizon.Net> wrote:

>Art ran a News Group experiment several weeks ago. He posted several URLs of sites posting
>installers for various freebies. Each installer was tested and some AV couldn't see in the
>files within these self extracting installation archive files. Kaspersky and NOD32 seemed
>to do the best.


Actually, Dr Web was a distant second. No av was anywhere near as
effective as KAV for finding malware in installation files.

Art

http://home.epix.net/~artnpeg

 
 
David H. Lipman
 
      27th Nov 2005
From: "Art" <(E-Mail Removed)>


|
| Actually, Dr Web was a distant second. No av was anywhere near as
| effective as KAV for finding malware in installation files.
|
| Art
|
| http://home.epix.net/~artnpeg

Thanx for the clarification Art !

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm


 