(Java.ByteVerify.exploit trojan

Hi Pieter,
Thank you very much for explaining that to me.
Sincerely, Libra

 

i know that just right now everybody will go DUH
but.. sorry
i don't have java sun, dont have mvm and i still got the bl**dy thing. it seems there is no way i can get rid of it. avg cant delete it and its still there.
can you please help me. and remember that i am just a user. : )
thanks very much.

 

Hi mia,

Open Internet Explorer (IE) and click Tools then Internet Options on the tool bar.

Then click on Delete Files.

Regards,

Pieter

 

Make sure you put a checkmark in "Delete all offline content" before you click "OK" when doing that, though. Pete

 

Hiya, Pieter!
thanks very much. done that.
hope thats gonna be the end of it.
i got it from an icq msg with a url for a fun site finishing with a LOL
http://www.daemonology.net/ICQworm/worm.txt - here they say it can't be fixed yet.. hope they are not right
thanks for your time and patience. : )
regards,
mia

 

hey pete!
thank you! i'm always doing that.
thanks : )
regards,
mia

 

I scanned wit EZ Anti-virus and it found 4 exploit trojans. right now im scaning it wit trojan scanner . It will delete the trojans off rite?







Removed unrelated attachment: http://www.wilderssecurity.com/showthread.php?t=19950 - Pieter

 

Yo Philo, got the fix for ya. Ok, what has happened is you've gotten rid of your virus but the virus has been backed up into your restore files. This folder has restore information for periodic "save points" for you system in case you completely screw something up. So, you need to delete all the old system restore files. Here's how....its so easy. Right click on My Computer. Click on the System Restore tab. Put a check next to "Turn off System Restore." Now, reboot and it will delete all those files....virus gone. If you want, go back and turn it back on, in case you need to restore in the future. Good luck.

 

Hello all, I managed to quarentine the Byte verify Trojan by breaking down and spending the bucks for McAfee pro antivirus. McAfee found the one infected file whose exploit it described as Byte verify. However, the online scan from Bit-defender that I did previously had indicated an exploit called "open connection.F" apparently from the same file. Does that sound right to everyone? McAfee said nothing about an open connection. I am concerned that I may have actually been hit with a root kit (something called Dropper was associated with my initial infection), and that the Byte Verify Trojan was only part of the package. My Sygate pro firewall informs me that I just got hit with a port scan even as I am writing this! Is that sort of thing normal? I am not technically savvy enough to know. I fear I may have an open connection piggybacking on a legitimate service. I was quite disappointed to find that neither AVG nor TrojanHunter did me any good against this problem. Oh well, compute and learn! Is there any way I can find out for sure if I do have a root kit on my machine?
Thanks,
Manticmeister

 

Just wanted to say thanks from a grateful lurker...good advice on the JAVA stuff...

 

hi there,

this is my first post well i hv a temp version of avg installed well a couple of adays back i had this virus called java/byte verify i ran avg but it could not remove niether could it quarentine it so pls help me send me a virus removal tool or instruction

thank you

pushpinder

 

Hi hooghan, and welcome.

What is the name of the file, and it's location, that AVG is saying as infected?

Have you tried the advice given in this thread yet?

Regards,

snap

 

hi all!
(i'm a 17yrs old french girl, so please be nice with my english!)
I got a problem with this Java.ByteVerify.exploit trojan! My etrust AV scanned three of them and i tried the trojan scan on windowsecurity.com but it scanned nothing, so i'm confused! i don't know what can i do, if someone could help me i'll be very glad!
thx a lot
floppy...

 

Virus

i found 01jugswarn running on my computer, i tried looking it up on the internet and i couldnt find anything on it. i think it might be a trojan but im not sure. Also i have Java/Byteverify on my computer and cant get rid of it. Can you help please?

 

Re: Virus

Do your Windows Updates.There is a patch for this exploit, see here,

http://www3.ca.com/securityadvisor/virusinfo/virus.aspx?id=36725

Hope this helps.


snowbound

 

Thanks!

Wow did I learn alot from this thread alone. I'm running eTrust EZ AV 2005, and it just detected 4 trojans mentioned above. Thanks for the great information, and this just goes to show the power of forums!

 

Hi, I'm the original starter and I'm back.

As with coppertrail, I just installed the latest version of eTrust (6.2) and it found 18 occurrences. I think that snowbound's link explains it well. I don't use Microsoft's virtual machine, so I don't really think I have anything to worry about.

Ohhhh, I've also done my Win xp updates, right up to the minute.

 

QUOTE=PhiloVance]Just found I have this trojan: (Java.ByteVerify.exploit trojan. My eTrust AV program was unable to delete/rename it. How do I get rid of it? Thanks[/QUOTE]

 

Can you take the following steps:


Step 1. Install Zone Alarm (free) – Firewall with visual outgoing alerts to see what is trying to access the internet.
http://www.zonelabs.com


Step 2. Download Stinger available here: do NOT run this YET.
http://vil.nai.com/vil/stinger/


Step 3. Turn OFF System Restore, this process depends on your operating system:


Windows XP Instructions

1. Right click on the "My Computer" icon on the Windows desktop
2. Click "Properties"
3. Click on the "System Restore"
4. Place a tick in "Turn off System Restore on all Drives"
5. Click OK
6. Close and restart your system.


OR


Windows ME Instructions

1. Right click on the "My Computer" icon on the Windows desktop
2. Click "Properties"
3. Click on "Performance"
4. Click "File system"
5. Click "Troubleshooting"
6. Check "Disable system restore"
7. Click on OK
8. Close and restart your system.


Step 4. Delete your TEMP files by doing the following: open up Internet Explorer> Tools> Internet Options> General TAB> Temporary Internet Files> Delete Files> Delete All Offline Content.


Step 5. Restart your system again in “SAFE MODE” by pressing/tapping F8 while booting up


Step 6. Run a scan with “Stinger” the program you downloaded above.


Step 7. Run a scan with your current Anti-virus program – MAKE SURE IT IS FULLY UP TO DATE with the latest virus signatures.


Step 8. Run a scan with “Stinger” the program you downloaded above.


Step 9. Reboot your system into normal mode.


Step 10. Run a further online scan found here: http://housecall.trendmicro.com/


When everything is clean, it is recommended that you turn System Restore back on.


Step 11. Install update and run Spybot Search and Destroy (free) – Spyware removal and protection, with registry monitor.
http://beam.to/spybotsd


Step 12. Install update and run Adaware (free) – Spyware removal. What Spybot Search and Destroy doesn’t pick up, this will.
http://www.lavasoftusa.com


Step 13. Install and run CWShredder available here:
https://www.wilderssecurity.com/showthread.php?t=14086


Step 14. Make sure your Windows is FULLY up-to-date by doing the following: While on the Internet, Click on Internet Explorer (the Blue “e”), Click on Tools (on the bar at the top of your screen in Internet Explorer), Click on Windows Update. This will take you to the Microsoft Windows Update page where you need to follow the on screen prompts, starting with “Scan for Updates”. Install ALL “Critical Updates” and “Service Packs”.

WEEKLY – check this is “Up to Date”.



REPEAT ALL THE ABOVE STEPS, this time EVERYTHING should come up clean…



Now that your system is clean you may want to take a look here for further discussion on security and how to make your system that much stronger:

https://www.wilderssecurity.com/showthread.php?t=45284&page=1&pp=25

and here for more:

https://www.wilderssecurity.com/showthread.php?t=43117


Hope this helps…

Let us know how you go…

Cheers

 

i have found i have this trojan; java/byteverify i am running windows 98 how do i get rid of this my av detected it but cannot get rid of it what do i do ??

 

Hi Mischief2n, welcome to Wilders, can you take a look at post number 4 here, this should take care of most things out there, and if it doesn't, there are further instructions near the end of that post...

These are very specific instructions, that require using a Firewall and having your Windows FULLY up-to-date.

Let us know how you go...

Cheers

 

Here is what I did and it's gone so hope this helps others. -----For Windows XP/2000 using Windows explorer go to C:, Documents and Settings, Administrator or whatever name you are using to log in, Application Data, Sun,Jaya, Deployment, cache,v1.0 or whatever version is listed, jar. Delete all files in this folder and make sure to empty your recycle bin and the virus will be gone. Run your Antivirus program again to verify. You also need to go to Control Panel, Java plug in, and in the basic tab make sure that do not start console is checked and that Show Java in system tray is not checked. Also go to the cache tab and uncheck enable caching. This should do it for you. IN the future, please include some more info such as Operating system and hardware.

 

Hello,
I'm running Windows 98 SE and I'm trying to get rid of this virus "Java/Byte Verify using AVG Free Edition. So far I'm unable to get rid of this thing. Help Somebody Please. I've read the earlier threads, Windows 98SE does not have the Java Cache in the Control Panel. I would appreciate it for some step-by-step guidance. Thank You!!!