Exploit-Byte Verify and archive.jar-11012ea5-2063308e.zip

  • Thread starter Thread starter Chap
  • Start date Start date
C

Chap

McAfee discovered this during a scan. The location it gave for the
file I could not find, even when selecting "show hidden files". The
folder did not exist.

Recently all my documents in the "My Documents" folder disappeared and
all my Favorites disappeared from Internet Explore. Are these two
events a result of the Exploit-Byte Verify virus?

McAfee said the file could not be cleaned and had to be quarantined or
deleted. Could not find out where McAfee puts quarantined files so I
deleted it.

Ran scan again in both safe mode and regular mode and everything
showed clear.
 
It was most likely a ".CLASS" file found in "archive.jar-11012ea5-2063308e.zip" and the JAR
file was in the Sun Java Cache

Before you do another McAfee scan...
Dump the contents of your IE cache -
Start --> settings --> control panel --> Internet options --> delete files

Dump the contents of your Sun Java cache -
Start --> settings --> control panel --> Java plug-in --> cache --> clear

* * * Please report back your results * * *

--
Dave





| McAfee discovered this during a scan. The location it gave for the
| file I could not find, even when selecting "show hidden files". The
| folder did not exist.
|
| Recently all my documents in the "My Documents" folder disappeared and
| all my Favorites disappeared from Internet Explore. Are these two
| events a result of the Exploit-Byte Verify virus?
|
| McAfee said the file could not be cleaned and had to be quarantined or
| deleted. Could not find out where McAfee puts quarantined files so I
| deleted it.
|
| Ran scan again in both safe mode and regular mode and everything
| showed clear.
 
It was most likely a ".CLASS" file found in "archive.jar-11012ea5-2063308e.zip" and the JAR
file was in the Sun Java Cache

Before you do another McAfee scan...
Dump the contents of your IE cache -
Start --> settings --> control panel --> Internet options --> delete files

Dump the contents of your Sun Java cache -
Start --> settings --> control panel --> Java plug-in --> cache --> clear

* * * Please report back your results * * *
Click to expand...
Okay...executed your directions.

Interesting discovery...McAfee can see all my documents and can
execute scans on them but they do not show up in Windows Explorer in
the My Documents Folder.

Where are they? Any idea?
 
Chap said:
Okay...executed your directions.
Click to expand...

Properly following Dave's instructions should have resulted in proper
removal of the thing that McAfee was objecting to, BUT nearly all real-
world byte-verifier exploits drop downloaders. _IFF_ your Java
implementation was vulnerable to the byte-verifier exploit when that
thing arrived you most likely have some _other_ malware present as
well...
Interesting discovery...McAfee can see all my documents and can
execute scans on them but they do not show up in Windows Explorer in
the My Documents Folder.

Where are they? Any idea?
Click to expand...

Windows XP??

Try looking through the "\Documents and Settings" folder...

Various registry settings affect what Explorer thinks of as the "My
Documents" folder and that can get rather screwed up.
 
Windows XP??

Try looking through the "\Documents and Settings" folder...

Various registry settings affect what Explorer thinks of as the "My
Documents" folder and that can get rather screwed up.
Click to expand...

XP-Home SP2

I did a search via Windows Explorer for a file that McAfee AV was able
to see in My Documents Folder. The file was found in My Documents and
I was able to open the file but still in Win Explorer the My Documents
shows up empty and the properties on the displayed empty My Documents
Folder shows a folder of 254 MB. So all the files are there but not
visible for some reason.
 
Back
Top