|
Posted by =?Utf-8?B?c2t1bGw=?= on November 15, 2005, 3:17 pm
If you were Registered and logged in, you could reply and use other advanced thread options
my avg anti virus has detected 4 virus called java/byte verify but cannot
heal them.... i have tried disabling my system restore and then running a
scan but although it detects them it wont heal ... can anyone help
|
|
Posted by David H. Lipman on November 15, 2005, 3:28 pm
If you were Registered and logged in, you could reply and use other advanced thread options
| my avg anti virus has detected 4 virus called java/byte verify but cannot
| heal them.... i have tried disabling my system restore and then running a
| scan but although it detects them it wont heal ... can anyone help
1) Dump the contents of your IE cache -
Start --> settings --> control panel --> Internet options --> delete
files
2) Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
Tools --> Options --> Privacy --> Cache --> Clear
3) Dump the contents of your Sun Java cache -
Start --> settings --> control panel --> Java applet --> cache --> clear
or
Start --> settings --> control panel --> Java applet --> general -->
settings -->
delete files
4) Rescan your system.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
|
|
Posted by karl levinson, mvp on November 16, 2005, 10:37 pm
If you were Registered and logged in, you could reply and use other advanced thread options
virus in itself. It can be used to make changes to your system or download
other virus code, but for most major viruses, your anti-virus would detect
and block this as long as it is up to date.
Java.bytverify is only a danger to your system if 1) you are still running
the Microsoft JVM Java Virtual Machine instead of Sun's JRE, AND 2) you do
not have a patch for MS JVM from several years ago installed. If these two
are not true, it cannot harm your system. Not sure why, but many anti-virus
programs report problem deleting this. You should install the Sun JRE from
www.java.com, but note that simply installing the Sun JRE may not
necessarily disable or remove the MS JVM. You can disable the MS JVM and
enable Sun JRE by going to tools, Internet Options, Advanced in Internet
Explorer. Going to http://windowsupdate.microsoft.com should ensure that
you have the MS JVM patch if you don't already.
> my avg anti virus has detected 4 virus called java/byte verify but cannot
> heal them.... i have tried disabling my system restore and then running a
> scan but although it detects them it wont heal ... can anyone help
|
|
Posted by David H. Lipman on November 16, 2005, 10:57 pm
If you were Registered and logged in, you could reply and use other advanced thread options
| There is probably little to worry about. Java.bytverify is not really a
| virus in itself. It can be used to make changes to your system or download
| other virus code, but for most major viruses, your anti-virus would detect
| and block this as long as it is up to date.
|
| Java.bytverify is only a danger to your system if 1) you are still running
| the Microsoft JVM Java Virtual Machine instead of Sun's JRE, AND 2) you do
| not have a patch for MS JVM from several years ago installed. If these two
| are not true, it cannot harm your system. Not sure why, but many anti-virus
| programs report problem deleting this. You should install the Sun JRE from
| www.java.com, but note that simply installing the Sun JRE may not
| necessarily disable or remove the MS JVM. You can disable the MS JVM and
| enable Sun JRE by going to tools, Internet Options, Advanced in Internet
| Explorer. Going to http://windowsupdate.microsoft.com should ensure that
| you have the MS JVM patch if you don't already.
|
Karl, where have you been ?
Haven't seen you post for quite a while !
Just a note on this...
Chances are this is a case of a .CLASS file found inside a Java Jar. Since the
AVG AV
software can scan within an archive file it can detect the JS Trojan Expoloit.
However, it
can't remove a file within an archive file (Java Jars are ZIP type files) so the
best way to
handle this is to dump the respective Browser and Java caches which delete the
cached Java
Jars.. Otherwise the affected user will just keep on getting these
notifications when the
Java Jars are scanned.
--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm
|
|
Posted by karl levinson, mvp on November 17, 2005, 7:04 am
If you were Registered and logged in, you could reply and use other advanced thread options
> Just a note on this...
> Chances are this is a case of a .CLASS file found inside a Java Jar.
> Since the AVG AV
> software can scan within an archive file it can detect the JS Trojan
> Expoloit. However, it
> can't remove a file within an archive file (Java Jars are ZIP type files)
> so the best way to
> handle this is to dump the respective Browser and Java caches which delete
> the cached Java
> Jars.. Otherwise the affected user will just keep on getting these
> notifications when the
> Java Jars are scanned.
Ah, thanks for the explanation.
This threat is so old, I would think by now the AV companies should have
figured out a fix to this. If it were me, I would have the AV be able to
delete the entire archive file for certain threats like java.bytverify.
You reminded me, I should have mentioned to the OP that even fully patched
systems will continue to get alerts about this... the "alert" here meaning
that everything is fine and normal instead of that something is broken.
> Karl, where have you been ?
> Haven't seen you post for quite a while !
Oh, I've been posting regularly in microsoft.public.security, but have been
too busy to regularly monitor the other handful of security newsgroups.
|
| Similar Threads | Posted | | Javabyte/verify virus, HOW DO I GET RID OF IT? AVG COULDN'T | August 5, 2005, 10:35 am |
| HELP: Virus is preventing me from installing anti virus software!! | January 11, 2007, 2:17 am |
| I have a virus that uses "anti virus software" downloads as a cover up | March 24, 2007, 1:40 pm |
| I have a worm or virus that does not allow me to go to ANY anti-virus website | January 28, 2006, 10:29 pm |
| Caught a Virus: Virus:Trj/Shutdown.Z -- need advice | June 13, 2007, 12:59 am |
| Vundo fix not finding vundo virus - windows tool deletes virus | May 14, 2008, 2:06 pm |
| Does anybody know what virus i've got? | July 5, 2005, 8:23 am |
| New Virus? | July 6, 2005, 11:22 am |
| virus | July 19, 2005, 12:20 pm |
| Virus help | August 8, 2005, 10:34 am |
|
XML site map