Can someone external reset my Autorun on a WinXP machine?
 

I've been having some strange computer occurances, all starting two
weeks ago when my AV detected some malware on my computer,
JAVA_BYTEVER.A. These are the files that my software detected:

JAVA_BYTEVER.A = BlackBox.class
JAVA_BYTEVER.A = Bug.class
JAVA_BYTEVER.A = Dummy.class

th.jar-fb0a0d9-42a11ab0.zip

The files were removed and I haven't had any further problems until
today. I tried to download some digital photos to my HD and the
AUTORUN was not working. When I plug a card into my card reader, the
autorun pops up and wants to know what I want to do normally. I just
used it a few days ago and it was working fine. Then I noticed that
all Autorun stopped working, including my two CD bays. I finally got
it back up and running by using TWEAKUI. The Autorun had been turned
off. (I didn't turn it off.) Also, when I accessed my Control Panel,
I got an error message about encountering some problem opening IE. I
wasn't opening IE. When I did, my browser homepage had been hijacked
with this:

http://www.microsoft.com/isapi/redir...r=6&ar=msnhome.

MSN is not my homepage.

I did update my Windows (XP) the other day, but that's all the contact
I have had with MS recently. There have been some recent updates in
the past few days.

I scanned for viruses and also ran Ad-Aware. Nothing.

What could possibly turn off my autorun feature? Is this something I
should be concerned about?

Re: Can someone external reset my Autorun on a WinXP machine?
 

Awww.
Looks like you'll have to format your computer and re-install.

The URL + JV Class look nasty!!! I think you got the M$.JVM virus. Might
aswell change to a MAC with OSx running. I've heard people said MAC is
more stable and user friendly =D


Edw. Peach wrote:
> I've been having some strange computer occurances, all starting two
> weeks ago when my AV detected some malware on my computer,
> JAVA_BYTEVER.A. These are the files that my software detected:
>
> JAVA_BYTEVER.A = BlackBox.class
> JAVA_BYTEVER.A = Bug.class
> JAVA_BYTEVER.A = Dummy.class
>
> th.jar-fb0a0d9-42a11ab0.zip
>
> The files were removed and I haven't had any further problems until
> today. I tried to download some digital photos to my HD and the
> AUTORUN was not working. When I plug a card into my card reader, the
> autorun pops up and wants to know what I want to do normally. I just
> used it a few days ago and it was working fine. Then I noticed that
> all Autorun stopped working, including my two CD bays. I finally got
> it back up and running by using TWEAKUI. The Autorun had been turned
> off. (I didn't turn it off.) Also, when I accessed my Control Panel,
> I got an error message about encountering some problem opening IE. I
> wasn't opening IE. When I did, my browser homepage had been hijacked
> with this:
>
> http://www.microsoft.com/isapi/redir...r=6&ar=msnhome.
>
> MSN is not my homepage.
>
> I did update my Windows (XP) the other day, but that's all the contact
> I have had with MS recently. There have been some recent updates in
> the past few days.
>
> I scanned for viruses and also ran Ad-Aware. Nothing.
>
> What could possibly turn off my autorun feature? Is this something I
> should be concerned about?

Re: Can someone external reset my Autorun on a WinXP machine?
 

D Nguyen wrote:
I've heard people said MAC is
> more stable and user friendly =D
>
Gee, you think? :). Not even close.....

Re: Can someone external reset my Autorun on a WinXP machine?
 

I've been trying to understand how my computer can be infected even
after I scanned it regularly since those infected files were covered.
I use Trend Micro PC-illian and I'm getting all the latest downloads
all the time. Other than the incident yesterday where my IE browser
was directed to the MSN homepage, and my autorun stopping, I'm really
not having any other problems.

After I removed those infected files, I ran the AV scan again, turning
off my system restore. Why isn't my AV software finding more
suspicious code or files?

Reformatting is a real Pain-i-t-A$$. With all that must be known by
now (it's been around for a while and is listed 3rd on a list of
active malware at the Trend Micro site) about this malware
(JAVABYTEVER.A) surely my AV software 'knows' what to look for?

Re: Can someone external reset my Autorun on a WinXP machine?
 

On Fri, 13 Jan 2006 09:01:58 -0500, Edw Peach wrote:
> I've been trying to understand how my computer can be infected even
> after I scanned it regularly since those infected files were covered.

What is regularly. One new malware created per hour, on average.
Do you think the AV vendor can find the new malware, create test for
it, add to database, and get it to your system before you get infected
or before your next scan. :(

> I use Trend Micro PC-illian and I'm getting all the latest downloads
> all the time. Other than the incident yesterday where my IE browser
> was directed to the MSN homepage, and my autorun stopping, I'm really
> not having any other problems.

Good malware design would aim to NOT cause you problems.
Kind of like cancer. Is in not there if it is not causeing you a
problem today.


> After I removed those infected files, I ran the AV scan again, turning
> off my system restore. Why isn't my AV software finding more
> suspicious code or files?

Your AV software can only find known malware.
How does it know about new malware.
People find it and send it to the vendor to log. Vendor runs honeypots
hoping to get infections they can add to their signature database.

Where are you in this process, Oh, 15 to 48 hours without protection,
at best.

In the past, the malware would be flooding the net and would showup pretty
quickly by just looking at traffic. Now the criminals are getting into
it and their malware is sneaker and more low key doing it's best to
stay under the radar.


> Reformatting is a real Pain-i-t-A$$. With all that must be known by
> now (it's been around for a while and is listed 3rd on a list of
> active malware at the Trend Micro site) about this malware
> (JAVABYTEVER.A) surely my AV software 'knows' what to look for?

Then there is the new malware which is disabling the AV and firewall
software.

How would you know if your AV software was replaced with software
which provided you with the same screens as the real AV software.

You CAN NOT beleive anything your system software indicates after the system
has been cracked/infected.

Re: Can someone external reset my Autorun on a WinXP machine?
 

On Fri, 13 Jan 2006 09:41:49 -0600, Bit Twister
<BitTwister@mouse-potato.com> wrote:
You certainly give a pleasant, cheery, 'helpful' response!

Did you burn your breakfast this morning?