Java/ByteVerify Virus

Photogrrlz · Buttercup Groupie

Java/ByteVerify Virus

laboo · Boobs

ask, MP Handler..... he is helping me with my computer right now!!!!

Praetorian · All Man

what antivirus program are you using that is telling you that? They all call them slightly different things, so what program is naming it will give us a place to start.

Photogrrlz · Buttercup Groupie

AVG Free

Monkey Proof · Buttercup is awesomesexycool and smelly too.

The Classloader files are part of Internet Explorer homepage hijacker trojans, that infect IE through malicous web page that uses Java classloader byteverify exploit or other vulnerability in Internet Explorer.

These trojans usually change the browser start page and search settings and download other trojan/spyware components on the system.

The easiest way to be safe from these trojans is to make sure that Internet Explorer is up to date. Although even with updated IE the trojans are sometimes downloaded but cannot activate.

Usually the classloader files are in a .zip or .jar archive along with several other files. One of the files should have more descriptive name, that indicates which Trojan it is. If none of the files have a descriptive name

go here and do the free online scan. the scan will take a while to complete.
Trendmicro Housecall 6.5

report any other viruses that it detects

-- Edited by MP_handler at 14:48, 2006-02-27

Monkey Proof · Buttercup is awesomesexycool and smelly too.

The easiest way to get rid of Java/ByteVerify Virus? is to:

Update your Internet Explorer using Windows update to prevent any further infections.

1. Open http://windowsupdate.microsoft.com

2. Select all available updates

3. Windows update installs updates and reboots

4. Return to the Windows updates to make sure you have all updated

Clear the Internet Explorer temporary file cache

1. Open Internet Explorer

2. Select "Tools"->"Internet Options..." from the top menu

3. Select "General" tab (this should be visible already)

4. Click from "Temporary Internet files" pane button "Delete Files..."

5. Select checkbox "Delete all offline content"

6. Click "OK"

Also download CWshredder from here and run the the scan and click FIX if the scan detects any Cool Web Search products.
CWsredder

-- Edited by MP_handler at 15:17, 2006-02-27

Praetorian · All Man

It sounds like mp has this one under wraps....

Date: Feb 27, 2006

Nice work MP handler.......

However as the Java/ByteVerify Virus has now been detected by AVG it has probably been archived in the Virus Vault in an encrypted form so that it cannot do any damage.
If this is the case, which I am sure it will be because AVG is normally unable to clean/delete it, then I would leave it in the vault for a few days maybe even a week to make sure the computer is running ok, after this time I would then go in to the Virus Vault and delete the archive of it.

Monkey Proof · Buttercup is awesomesexycool and smelly too.

thats is very true Sparky, but it has been reported that new varients of the Java/ByteVerify Virus have found a way to disable AVG. i read that at F-secure

Date: Feb 27, 2006

MP_handler wrote:

thats is very true Sparky, but it has been reported that new varients of the Java/ByteVerify Virus have found a way to disable AVG. i read that at F-secure

Ok I stand corrected, ain't you just a smart little monkey.

Although she could check her Virus Vault.

Monkey Proof · Buttercup is awesomesexycool and smelly too.

so very true.

Photogrrlz · Buttercup Groupie

I have a vault???

Monkey Proof · Buttercup is awesomesexycool and smelly too.

yes, and not the one between your legs either

open your AV and go to Logs or Quarantine. one of those should show all the items it has detected and removed.

if the Logs list anything that has been detected and removed quarantined you are good. but if any items have been detected but no further action was taking then there should be concerns.

Photogrrlz · Buttercup Groupie

This is the only things in my vault... The Byte thing pops up in whatever quick scan it does

Photogrrlz · Buttercup Groupie