Trojan.ByteVerify...help

i received a message from my norton anti-virus that i was infected with a Trojan.ByteVerify virus today. as i loaded a website, the norton-anti virus posted the messge. i instantly ran spybot and norton's and they both said my computer was clean. i then looked in my log report to see what had happed. below is the message that norton had logged:

The file
C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\classload.jar-28b7c93d-24177998.zip
is infected with the Trojan.ByteVerify virus.
Access to the file was denied.

i checked to see if i had the above file. i did not.
just in case i disabled my System Restore, put my computer in safe mode, and ran norton's. they said i did not have a virus. spy bot said i do not have a virus.

now, i'm using mozilla. my question to you or anybody is do i have a virus or not? what else could i do? any help would be great.

what will this virus do?

sonnyhooper

 

When Norton detected it, did it quarantine the infected file? Make sure in folder options you have "Show hidden files and folders" seletced and make sure it is unchecked beside "Hide extensions for known files types" and beside
"Hide protected operating system files". Do this, boot into "safe mode" and copy "C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar" and paste this without the " in the address bar. If you get an error it probably isnt there, if it lets you in the folder and you see the file "classload.jar-28b7c93d-24177998.zip" delete it. Also try doing a search for the file, make sure when you search that you have these options selected under more advanced options "Search system folders" "search hidden files and folders" "search subfolders. Let me know. Thanks

Also please read this sticky thread < READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal >

Also please run TrendMicro's online virus scan by click here!

 

Trojan.ByteVerify is a Trojan Horse that exploits the vulnerability described in Microsoft Security Bulletin MS03-011 and could provide a hacker the ability to run arbitrary code on an infected system.

http://securityresponse.symantec.com/avcenter/venc/data/trojan.byteverify.html

 

Thank you both for the helpful hints. I did as Symantec Security Check said. I've also ran housecall, spybot, norton, and Symantec Security Check scan. Still they say I do not have a virus. I checked my C:\Documents and Settings\Owner\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar" and the virus was there. I could not figure out how to delete it though. DO you have any advice? How can I delete the file? Like I said, I have ran all of the above mention virus detectors in safe mode.

wbs

 

First, make sure you have these latest definitions from Symantec

Norton Virus Definitions December 26, 2004

Now, go to the folder "C:\Documents and Settings\Owner" right click, select "Scan with Norton AntiVirus" see if it detects anything.

If you have ran all of the steps and tools listed in the sticky thread READ ME FIRST BEFORE ASKING FOR SUPPORT: Basic Spyware, Trojan And Virus Removal then I would like you to post me a Hijack This log as an attachment to your message.

Please see this sticky thread NO HIJACK THIS LOG FILES BEFORE READING THIS: HJT Tutorial & LOG File Posting

Now post a HijackThis as a .txt file attachment to your message. All running programs should be closed, including your web browser, e-mail. Close before running Hijack This!

Make sure you have HijackThis 1.99


Do NOT run Hijack This from the Desktop, a temp folder, or a sub-folder of C:\Documents and Settings, or choose to run it directly from the downloaded ZIP file. Place it in its own folder, for example C:\Program Files\HJT