[NOD32] I get Java/ClassLoader.B trojan ..&.. Java/Exploit.Bytverify trojan

P

PWalker

Hi, I rann NOD32 recently and got the following as being tojans:

C:\Documents and Settings\user\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-3b328bed-47903523.class
- Java/ClassLoader.B trojan

C:\Documents and Settings\user\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-5d1b4c65-77d1dc48.class
- Java/ClassLoader.B trojan

C:\Documents and Settings\user\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-281e147b-26c755fc.class
- Java/Exploit.Bytverify trojan

.... but are they really? Can I delete them? They are present in my 'cache'
which i am guessing is stuff i can delete i.e. similar to a 'Temp' folder?

Any advice on what i should do?

Many thanks,

peter
 
J

Jari Lehtonen

Any advice on what i should do?
You can:
a) submit the files to Eset for analysis. Here is how:
"To submit a suspicious file to Eset for analysis, please carry on as
follows:

* compress the file(s) into a zip or rar archive, protect it with the
password "infected"
* attach the archive to an email message
* send the message with the attachment to (e-mail address removed) "
b) get a second opinion by testing the files with online scanners like
http://virusscan.jotti.org/ and
http://www.virustotal.com/flash/index_en.html

Jari
 
D

David H. Lipman

From: "PWalker" <[email protected]>

| Hi, I rann NOD32 recently and got the following as being tojans:
|
| C:\Documents and Settings\user\Application
| Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-3b328bed-47903523.class
| - Java/ClassLoader.B trojan
|
| C:\Documents and Settings\user\Application
| Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-5d1b4c65-77d1dc48.class
| - Java/ClassLoader.B trojan
|
| C:\Documents and Settings\user\Application
| Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-281e147b-26c755fc.class
| - Java/Exploit.Bytverify trojan
|
| ... but are they really? Can I delete them? They are present in my 'cache'
| which i am guessing is stuff i can delete i.e. similar to a 'Temp' folder?
|
| Any advice on what i should do?
|
| Many thanks,
|
| peter
|

They are real and quite common...

Dump the contents of your IE cache -
Start --> settings --> control panel --> Internet options --> delete files

Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
Tools --> Options --> Privacy --> Cache --> Clear

Dump the contents of your Sun Java cache -
Start --> settings --> control panel --> Java applet --> cache --> clear
or
Start --> settings --> control panel --> Java applet --> general --> settings --> delete
files

Perform another "On Demand" scan of your computer.

* * * Please report back your results * * *
 
D

Duane Arnold

PWalker said:
Hi, I rann NOD32 recently and got the following as being tojans:

C:\Documents and Settings\user\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\file\BlackBox.class-3b328bed-47903523.class
- Java/ClassLoader.B trojan

C:\Documents and Settings\user\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\file\Dummy.class-5d1b4c65-77d1dc48.class
- Java/ClassLoader.B trojan

C:\Documents and Settings\user\Application
Data\Sun\Java\Deployment\cache\javapi\v1.0\file\VerifierBug.class-281e147b-26c755fc.class
- Java/Exploit.Bytverify trojan

... but are they really? Can I delete them? They are present in my 'cache'
which i am guessing is stuff i can delete i.e. similar to a 'Temp' folder?

Why don't you delete all the files out of the *cache* directory and be done
with it? You can do it with the browser or you can do it manually.

Duane :)
 

Ask a Question

Want to reply to this thread or ask your own question?

You'll need to choose a username for the site, which only take a couple of moments. After that, you can post your question and our members will help you out.

Ask a Question

Top