Re: Java/ByteVerify
From: Andy (anomynous_at_discussions.microsoft.com)
Date: 04/17/05
- Next message: MS Expert: "Trojan.Tooso.B Patch"
- Previous message: Michael Pelletier: "Re: Comparing the different virus scanner..."
- In reply to: David H. Lipman: "Re: Java/ByteVerify"
- Next in thread: David H. Lipman: "Re: Java/ByteVerify"
- Reply: David H. Lipman: "Re: Java/ByteVerify"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Sun, 17 Apr 2005 23:40:26 +0200
Thank you for your advice. I followed your instructions to the letter and
Sysclean did not find anything. Rescanning with AVG the problem had been
resolved. Looking back I believe dumping the contents of the Sun Java Cache
got rid of the problem, C:\Documents and Settings\Andy\Applications
Data\SUN\Java\Deployment\cache\javapi\v1.0\jar is the location of the Sun
Java Cache.
Andy
"David H. Lipman" <DLipman~nospam~@Verizon.Net> wrote in message
news:%23NtrdFvQFHA.3880@tk2msftngp13.phx.gbl...
> "Andy" <anomynous@discussions.microsoft.com> wrote in message
> news:%230LWLRsQFHA.3096@TK2MSFTNGP12.phx.gbl
> | OS Windows XP Home SP2, IE6. Security Patches are kept up to date, AVG
> has
> | latest Definitions.
> |
> | AVG Has reported a virus in my computer:
> | "Java/ByteVerify. This virus abuses the security vulnerability in Java
> | Virtual Machine described in MS03-011, which gives possibility of
> running
> | potentially dangerous operation to java program (like working with
> files).
> | Trojan horse using this vulnerability changes Internet Explorer Home
> page.
> | The fix is available on Microsoft web pages like
> | WindowsUpdate.Microsoft.com". It goes on to say "Selected object is
> located
> | inside the archive and cannot be healed" [located C:\Documents and
> | Settings\Andy\Applications
> Data\SUN\Java\Deployment\cache\javapi\v1.0\jar].
> | MS03-011 is dated 9 April 2003 and surely must have been included in the
> SP2
> | upgrade. If so why have I been infected?
> |
> | Is there a removal tool available?
> |
> | Andy
>
>
> 1) Dump the contents of your IE cache -
> Start --> settings --> control panel --> Internet options -->
> delete files
>
> 2) Dump the contents of the Mozilla FireFox Cache
> Tools --> Options --> Privacy --> Cache --> Clear
>
> 3) Dump the contents of your Sun Java cache -
> Start --> settings --> control panel --> Java applet --> cache -->
> clear
> or
> Start --> settings --> control panel --> Java applet -->
> general --> settings -->
> delete files
>
> 4) Download TrendMicro Sysclean by one of the following 2 methods
>
> Trend Sysclean Method 1
> ---------------------------------------
> Trend Sysclean Package
> http://www.trendmicro.com/download/dcs.asp
>
> Latest Trend signature files.
> http://www.trendmicro.com/download/pattern.asp
>
> Create a directory.
> On drive "C:\"
> (e.g., "c:\sysclean")
>
> Download SYSCLEAN.COM and place it in that directory.
> Download the signature files (pattern files) by obtaining the ZIP file.
> For example; lpt576.zip
>
> Extract the contents of the ZIP file and place the contents in the same
> directory as
> SYSCLEAN.COM.
>
> Trend Sysclean Method 2
> ---------------------------------------
> Download the utility SYSCLEAN_FE at the following URL --
> http://www.ik-cs.com/got-a-virus.htm
> SYSCLEAN_FE automates the download and execution process of the Trend
> Sysclean Package.
> Direct URL --
> http://www.ik-cs.com/programs/virtools/Sysclean_FE.exe
>
>
> 5) If you are using WinME or WinXP, disable System Restore
> http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
> 6) Reboot your PC into Safe Mode and shutdown as many applications as
> possible.
> 7) Using Trend Sysclean utility, perform a Full Scan of your platform
> and clean/delete
> any infectors/parasites found.
> (a few cycles may be needed)
> 8) Restart your PC and perform a "final" Full Scan of your platform
> using the
> Trend Sysclean utility.
> 9) If you are using WinME or WinXP,Re-enable System Restore and
> re-apply any
> System Restore preferences, (e.g. HD space to use suggested 400 ~
> 600MB),
> 10) Reboot your PC.
> 11) If you are using WinME or WinXP, create a new Restore point
>
> * * * Please report back your results * * *
>
>
> --
> Dave
> http://www.claymania.com/removal-trojan-adware.html
> http://www.ik-cs.com/got-a-virus.htm
>
>
- Next message: MS Expert: "Trojan.Tooso.B Patch"
- Previous message: Michael Pelletier: "Re: Comparing the different virus scanner..."
- In reply to: David H. Lipman: "Re: Java/ByteVerify"
- Next in thread: David H. Lipman: "Re: Java/ByteVerify"
- Reply: David H. Lipman: "Re: Java/ByteVerify"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
