Thank you for being a valued part of the CNET community. As of December 1, 2020, the forums are in read-only format. In early 2021, CNET Forums will no longer be available. We are grateful for the participation and advice you have provided to one another over the years.

Thanks,

CNET Support

General discussion

JS Trojan WindowBomb & Trojan.Byte Verify

Feb 18, 2004 12:14PM PST

Windows XP Home Edition a305w, version 2002, Service pack1, 270GHz, 248 MB Ram, IE 6.0 Dial up, No Network?


I was not logged in at any sites or logged into IE "net" Last night when several at least (+30) small popup boxes as well as (+10) reg sized pages started accumulating like mad. I tried ctrl/alt/delete in vain as well as ending my connection. Nothing obeyed lol. So... I pulled the phone cord out, it still carried on a bit. Gee that was exciting. All came from Yahoo if that matters? <I wasnt at yahoo>


Ran Spybot, it found nothing.
Ran CW Shredder, it found nothing.
I ran Stinger. It found nothing.
Norton took like 30+minutes before it decided to do anything with cord still unplugged.

STINGER -- I long ago selected ALL avaible options for it to scan & REPAIR is checked. On 1 occassion, I made the mistake of asking it to list all files scanned and SAVE REPORT TO FILE. Not to hot of an idea in my opnion. It saves it to Notepad which is entirely too small. Guess I dont need to see it anyways. Pretty much made the machine "hang" before I ended the task of opening it. Then promptly deleted it from recycle bin after deleting it.


< 1 > Do you agree with "repair" as the desired option as well as allowing it to ck every place it can?


AdAware ... I sure could use some advise on configureing it. Ive grown tired of the skipping about on its instructions. I ran it "as is" with 2 exceptions.
On the "Memory & Registry" scan settings, I elected it to scan my IE Favorites for banned URLs & scan my Hosts file. This was selected on the 1st scan and has remained selected. No other "tweaks" have been done.
Auto running before of after would help.

< 2 > Right or wrong I checked EVERYthing in
"Objects Recognized", EVERYtime it has run (total 6 times) Is this what I am suppose to be doing?


Quarrantined Objects has 6 sets
2-7-2004 2-10-04 2-17-04 2-17-04 2-18-2004
Has 97 Objects total


< 3 > What are the desired choices to be checked? As far as tweaks? Please include the auto running choice as well as spybot's selections and auto run suggestions. I dont let it do usage tracks or any black entries and there are many black ones.


< 4 > Should I be concerned that these 2 attacks were done via
C:\Documents and Settings\Active.jar-#A##F####-#######.zip was the BYTE Verify
C:\Documents and Settings\Owner\Localsettings\Bomb[1].htm was the Window Bomb?

Seems like java likes to be activated more than I ever noticed it doing prior to this. Msn Spades even turns it on, it didnt use to to my knowlage.
Seems like java drags the machine hard <always has> except in yahoo pool.

Well enough for the moment THANKS!

Discussion is locked

- Collapse -
Re:JS Trojan WindowBomb & Trojan.Byte Verify is why the Office banned Java.
Feb 18, 2004 12:28PM PST
- Collapse -
Re:Re:JS Trojan WindowBomb & Trojan.Byte Verify is why the Office banned Java.
Feb 18, 2004 12:59PM PST

Many times I have been set to google to view ??? someone elses posted question?

I dont know how to pinpoint exactlly what your wanting me to view out of 392,000 posts? Please advise.

Also... I have 20/20 vision and I cannot for the life of me get a satisfactory adjustment on my screen that does not hurt my eyes. I had no problem adjusting (brightness/contrast/etc on my ME computer. But this one feels as if it is damageing my vision rapidly. Any suggestions?

Im concidering reverting to 600-800 this 1024-768 is just too much. If I do will I have to make other adjustments? I doubt this would help except for seeing the sizes of most. I feel as if its more of a brightness contrast thing?

- Collapse -
Re:Re:JS Trojan WindowBomb & Trojan.Byte Verify is why the Office banned Java.
Feb 18, 2004 1:09PM PST

I believe I am at yahoo pool's mercy java wise or am I not?
Is this as simple as going to IE/Tools/InternetOptions/Advanced and de-selecting "Use Java? (control pannel actually for the changes)

Many times I have been set to google to view ??? someone elses posted question? I found an exact match once long ago, Im sure it was out of luck, the nicknames matched below the enter page font.

I dont know how to pinpoint exactlly what your wanting me to view out of 392,000 posts? Please advise.

Also... I have 20/20 vision and I cannot for the life of me get a satisfactory adjustment on my screen that does not hurt my eyes. I had no problem adjusting (brightness/contrast/etc on my ME computer. But this one feels as if it is damageing my vision rapidly. Any suggestions?

Im concidering reverting to 600-800 this 1024-768 is just too much. If I do will I have to make other adjustments? I doubt this would help except for seeing the sizes of most. I feel as if its more of a brightness contrast thing?

- Collapse -
Trojan.Byte Verify is why the Office banned Java.
Feb 19, 2004 2:10AM PST

You can read just the first two to see the issue. This exploit has yet to be corrected by the Java community or vendors.

So use Java if you must, but it's a security issue that we can't have in the workplace.

Bob