Can someone external reset my Autorun on a WinXP machine?

Discussion in 'Computer Security' started by Edw. Peach, Jan 13, 2006.

  1. Edw. Peach

    Edw. Peach Guest

    I've been having some strange computer occurrences, all starting two
    weeks ago when my AV detected some malware on my computer,
    JAVA_BYTEVER.A. These are the files that my software detected:

    JAVA_BYTEVER.A = BlackBox.class
    JAVA_BYTEVER.A = Bug.class
    JAVA_BYTEVER.A = Dummy.class

    th.jar-fb0a0d9-42a11ab0.zip

    The files were removed and I haven't had any further problems until
    today. I tried to download some digital photos to my HD and the
    AUTORUN was not working. When I plug a card into my card reader, the
    autorun pops up and wants to know what I want to do normally. I just
    used it a few days ago and it was working fine. Then I noticed that
    all Autorun stopped working, including my two CD bays. I finally got
    it back up and running by using TWEAKUI. The Autorun had been turned
    off. (I didn't turn it off.) Also, when I accessed my Control Panel,
    I got an error message about encountering some problem opening IE. I
    wasn't opening IE. When I did, my browser homepage had been hijacked
    with this:

    http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome.

    MSN is not my homepage.

    I did update my Windows (XP) the other day, but that's all the contact
    I have had with MS recently. There have been some recent updates in
    the past few days.

    I scanned for viruses and also ran Ad-Aware. Nothing.

    What could possibly turn off my autorun feature? Is this something I
    should be concerned about?
     
    Edw. Peach, Jan 13, 2006
    #1

  2. Edw. Peach

    D Nguyen Guest

    Awww.
    Looks like you'll have to format your computer and re-install.

    The URL + JV Class look nasty!!! I think you got the M$.JVM virus. Might
    as well change to a MAC with OSx running. I've heard people said MAC is
    more stable and user friendly =D


    Edw. Peach wrote:
    > I've been having some strange computer occurrences, all starting two
    > weeks ago when my AV detected some malware on my computer,
    > JAVA_BYTEVER.A. These are the files that my software detected:
    >
    > JAVA_BYTEVER.A = BlackBox.class
    > JAVA_BYTEVER.A = Bug.class
    > JAVA_BYTEVER.A = Dummy.class
    >
    > th.jar-fb0a0d9-42a11ab0.zip
    >
    > The files were removed and I haven't had any further problems until
    > today. I tried to download some digital photos to my HD and the
    > AUTORUN was not working. When I plug a card into my card reader, the
    > autorun pops up and wants to know what I want to do normally. I just
    > used it a few days ago and it was working fine. Then I noticed that
    > all Autorun stopped working, including my two CD bays. I finally got
    > it back up and running by using TWEAKUI. The Autorun had been turned
    > off. (I didn't turn it off.) Also, when I accessed my Control Panel,
    > I got an error message about encountering some problem opening IE. I
    > wasn't opening IE. When I did, my browser homepage had been hijacked
    > with this:
    >
    > http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=6&ar=msnhome.
    >
    > MSN is not my homepage.
    >
    > I did update my Windows (XP) the other day, but that's all the contact
    > I have had with MS recently. There have been some recent updates in
    > the past few days.
    >
    > I scanned for viruses and also ran Ad-Aware. Nothing.
    >
    > What could possibly turn off my autorun feature? Is this something I
    > should be concerned about?
     
    D Nguyen, Jan 13, 2006
    #2

  3. Edw. Peach

    optikl Guest

    D Nguyen wrote:
    > I've heard people said MAC is
    > more stable and user friendly =D
    >

    Gee, you think? :). Not even close.....
     
    optikl, Jan 13, 2006
    #3
  4. Edw. Peach

    Edw. Peach Guest

    I've been trying to understand how my computer can be infected even
    after I scanned it regularly since those infected files were covered.
    I use Trend Micro PC-cillin and I'm getting all the latest downloads
    all the time. Other than the incident yesterday where my IE browser
    was directed to the MSN homepage, and my autorun stopping, I'm really
    not having any other problems.

    After I removed those infected files, I ran the AV scan again, turning
    off my system restore. Why isn't my AV software finding more
    suspicious code or files?

    Reformatting is a real Pain-i-t-A$$. With all that must be known by
    now (it's been around for a while and is listed 3rd on a list of
    active malware at the Trend Micro site) about this malware
    (JAVABYTEVER.A) surely my AV software 'knows' what to look for?
     
    Edw. Peach, Jan 13, 2006
    #4
  5. Edw. Peach

    Bit Twister Guest

    On Fri, 13 Jan 2006 09:01:58 -0500, Edw Peach wrote:
    > I've been trying to understand how my computer can be infected even
    > after I scanned it regularly since those infected files were covered.


    What is regularly? One new malware created per hour, on average.
    Do you think the AV vendor can find the new malware, create a test for
    it, add it to the database, and get it to your system before you get infected
    or before your next scan? :(

    > I use Trend Micro PC-cillin and I'm getting all the latest downloads
    > all the time. Other than the incident yesterday where my IE browser
    > was directed to the MSN homepage, and my autorun stopping, I'm really
    > not having any other problems.


    Good malware design would aim to NOT cause you problems.
    Kind of like cancer. Is it not there if it is not causing you a
    problem today?


    > After I removed those infected files, I ran the AV scan again, turning
    > off my system restore. Why isn't my AV software finding more
    > suspicious code or files?


    Your AV software can only find known malware.
    How does it know about new malware?
    People find it and send it to the vendor to log. Vendor runs honeypots
    hoping to get infections they can add to their signature database.

    Where are you in this process? Oh, 15 to 48 hours without protection,
    at best.

    In the past, the malware would be flooding the net and would show up pretty
    quickly by just looking at traffic. Now the criminals are getting into
    it and their malware is sneakier and more low key, doing its best to
    stay under the radar.


    > Reformatting is a real Pain-i-t-A$$. With all that must be known by
    > now (it's been around for a while and is listed 3rd on a list of
    > active malware at the Trend Micro site) about this malware
    > (JAVABYTEVER.A) surely my AV software 'knows' what to look for?


    Then there is the new malware which is disabling the AV and firewall
    software.

    How would you know if your AV software was replaced with software
    which provided you with the same screens as the real AV software?

    You CAN NOT believe anything your system software indicates after the system
    has been cracked/infected.
     
    Bit Twister, Jan 13, 2006
    #5
  6. Edw. Peach

    Edw. Peach Guest

    On Fri, 13 Jan 2006 09:41:49 -0600, Bit Twister wrote:
    You certainly give a pleasant, cheery, 'helpful' response!

    Did you burn your breakfast this morning?
     
    Edw. Peach, Jan 15, 2006
    #6