Posted 28 June 2004 - 03:09 PM
I performed a search for index.htm. and found nothing. I run a Norton scan daily - nothing, following this I ran scans by Trend Micro, Bit Defender, Panda Active Scan, and TDS they all came up clear.
The point is how can I be sure it is a false alarm if I cannot find the file and delete it? and what is next? I am open to any suggestions.
Posted 28 June 2004 - 07:05 PM
Possibility 2: It's a hidden file. See HERE for how to show hidden files.
Possibility 3: It has changed its name after a reboot, malware does that quite often.
Possibility 4: It was a false positive and the file was never there.
How camest thou in this pickle? -- William Shakespeare:(1564-1616)
The various helper groups here
Posted 28 June 2004 - 07:49 PM
From my experience and from these tests, I would say that McAfee is a little on the sensitive side when it comes to detection.
As for deleting the file, I agree with cnm. Either McAfee removed it or it is still hidden from explorer. If you still can’t find the file using explorer and cnm’s suggestion of showing hidden files, try to obtain the full path to the file from McAfee and attempt to delete it from a command prompt.
You could also try the command-line version of McAfee antivirus to remove the file, which I believe is still freeware/shareware. Download the Windows superdat file (ie: sdat4370.exe or similar filename) from here.
Save this file to a permanent location on your hard disk, such as c:\mcafeeav.
Next go to the start menu and click on run.
Type (you may need to change this to suit the filename) c:\mcafeeav\sdat4370.exe /e
Wait a few minutes for McAfee to unpack.
Then go to the start menu and click on run.
Type or cut and paste (with the quotation marks) c:\mcafeeav\scan.exe “C:\Documents and Settings" /sub /all /clean /report c:\mcafeeav\results.txt
The results of this scan should now be in c:\mcafeeav\results.txt
If the file could not be cleaned, add /del to the run command.
Edited by Trilobite, 28 June 2004 - 08:23 PM.
"Knowledge does not equal wisdom"
CWShredder, HijackThis, McAfee Stinger Antivirus, Emergency Boot Disks
Trend Micro virus scan, McAfee Security virus scan , Symantec Security Check, kaspersky virus scan
Norton GoBack, ZoneAlarm Firewall, hpguru's HOSTS File, Mozilla/Firefox Adblock ad-on
National Do Not Call Registry (USA)
Guide to posting HijackThis logs to this forum
Posted 29 June 2004 - 05:02 PM
I have done it!!!
I tried, Etrust, TrojanHunter, and Ewido to no avail. So I went back to Mcafee's and downloaded their free trial version, and removed it fom their. I had to remove Norton though to do it, temporary though. The annoying thing is that the offensive file was in Temp internet folders. I cleaned them out on Saturday, but I think I remember a suspect E-mail on Sunday but I did not open it. just deleted it.
Thank you for the input.