Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

[question]trojan.java.classloader.ai


  • Please log in to reply
9 replies to this topic

#1 Hemuli

Hemuli

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:56 AM

Posted 28 October 2005 - 06:28 AM

I successfully removed Trojan.Java.ClassLoader.ai but still I get TCP connection attempts in firewall. Are these connected or are they completely separate things. I used to remove Trojan KillBox.exe and Cleanup! and finally I checked up whit Kaspersky scan and Ewido scan. There shut not be anything still in my computer or is there? Thanks for any commentary...

Hemuli


Scan results where these before "cleanup"

KASPERSKY ON-LINE SCANNER REPORT
Thursday, October 27, 2005 21:51:48
Operating System: Microsoft Windows XP Home Edition, Service Pack 2 (Build 2600)
Kaspersky On-line Scanner version: 5.0.67.0
Kaspersky Anti-Virus database last update: 27/10/2005
Kaspersky Anti-Virus database records: 147166
-------------------------------------------------------------------------------

Scan Settings:
Scan using the following antivirus database: standard
Scan Archives: true
Scan Mail Bases: true

Scan Target - Folders:
C:\cmdcons\
C:\Config.Msi\
C:\Documents and Settings\
C:\WINDOWS\

Scan Statistics:
Total number of scanned objects: 33211
Number of viruses found: 2
Number of infected objects: 4
Number of suspicious objects: 0
Duration of the scan process: 904 sec

Infected Object Name - Virus Name
C:\Documents and Settings\Heikin kone\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count3.jar-6baf99bc-2f6db149.zip/Beyond.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Heikin kone\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count3.jar-6baf99bc-2f6db149.zip/BlackBox.class Infected: Exploit.Java.Bytverify
C:\Documents and Settings\Heikin kone\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count3.jar-6baf99bc-2f6db149.zip/VerifierBug.class Infected: Trojan.Java.ClassLoader.ai
C:\Documents and Settings\Heikin kone\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\count3.jar-6baf99bc-2f6db149.zip Infected: Trojan.Java.ClassLoader.ai

Scan process completed.

BC AdBot (Login to Remove)

 


m

#2 hamluis

hamluis

    Moderator


  • Moderator
  • 54,819 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Killeen, TX
  • Local time:04:56 PM

Posted 28 October 2005 - 07:01 AM

You don't have an AV program installed?

What about a firewall?

Malware detection/removal programs?

Louis

#3 IsMe

IsMe

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Location:Tampa, Florida
  • Local time:06:56 PM

Posted 28 October 2005 - 08:26 AM

When in doubt, get a second opinion by using another anti-virus program. Ditto for anti-spyware.

#4 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:05:56 PM

Posted 28 October 2005 - 12:55 PM

Use as many of the following as possible, set to do complete scans and to fix what they find:

online trojan scans here -
http://scan.sygatetech.com/pretrojanscan.html
http://windowsecurity.com/trojanscan
Web based online Antivirus and anti-malware scans: (these can be run regardless of whatever else you are using. You must use Internet Explorer to run these.)

Kaspersky Anti-Virus Web Scanner
http://www.kaspersky.com/service?chapter=161739400#betatest

Windows Security Trojanscan
http://www.windowsecurity.com/trojanscan/trojanscan.asp

Panda Activescan (IE only)
http://www.pandasoftware.com/activescan/co...n_principal.htm

Trend Micro antivirus and malware scan:
http://housecall-beta.trendmicro.com/en/st...orp.asp?id=scan

Etrust Anti-virus web scanner
http://www3.ca.com/securityadvisor/virusinfo/scan.aspx


These web based scans use Active X so you must use Internet Explorer for them to function.

#5 Hemuli

Hemuli
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:56 AM

Posted 01 November 2005 - 08:08 AM

I have F-secure firewall and anti-virus.
And now I have downloaded Noadware, A-squared, Ad-aware, Ewido and Microsoft anti-spyware.
Is there a risk to have too many?

Still there is a lot attempts to come in but my firewall dont let. Its like many attempts in one minute. Should I be worried?

Hemuli

#6 acklan

acklan

    Bleepin' cat's meow


  • Members
  • 8,529 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Baton Rouge, La.
  • Local time:04:56 PM

Posted 01 November 2005 - 09:52 AM

As long as your resources can handle it you will be fine. The exception is antivirus. You should only have one antivirus installed at a time. AV software does not play nice together.
How much memory do you have installed?
"2007 & 2008 Windows Shell/User Award"

#7 Hemuli

Hemuli
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:12:56 AM

Posted 01 November 2005 - 01:54 PM

I have 512 Mt ram and 200 Gt rom.

What is inbound malware Probe ?

Thanks a lot all the answers!


Hemuli

#8 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:05:56 PM

Posted 01 November 2005 - 10:55 PM

I have F-secure firewall and anti-virus.
And now I have downloaded Noadware, A-squared, Ad-aware, Ewido and Microsoft anti-spyware.
Is there a risk to have too many?

Still there is a lot attempts to come in but my firewall dont let. Its like many attempts in one minute. Should I be worried?

Hemuli


Download Spybot Search and destroy, install it, update it and set it to immunize your system. Make sure you enable "Teatimer" which gives you resident real time protection.

Make sure the Microsoft anti-spyware is setup to give you real time protection and automatic updates and scanning as well.

#9 acklan

acklan

    Bleepin' cat's meow


  • Members
  • 8,529 posts
  • OFFLINE
  •  
  • Gender:Not Telling
  • Location:Baton Rouge, La.
  • Local time:04:56 PM

Posted 01 November 2005 - 11:13 PM

I have F-secure firewall and anti-virus.
And now I have downloaded Noadware, A-squared, Ad-aware, Ewido and Microsoft anti-spyware.
Is there a risk to have too many?

Still there is a lot attempts to come in but my firewall dont let. Its like many attempts in one minute. Should I be worried?

Hemuli


I recommend trying the following.

Antivirus
AVG Free Edition Antivirus(I personally use)
Avast Home Edition Antivirus Freeware

Antispyware
Microsoft AntiSpyware Beta
Spybot
AdAware SE Personal Edition
Ewido Security Suite - 14 day trial
A Squared Free[\URL]

Utility
cCleaner

Firewalls
Sygate 5.4(I personally use)
[url="http://www.download.com/ZoneAlarm/3000-10435_4-10434530.html?tag=lst-0-4"]Zone Alarm

Best of all... they are free.
"2007 & 2008 Windows Shell/User Award"

#10 Enthusiast

Enthusiast

  • Members
  • 5,898 posts
  • OFFLINE
  •  
  • Location:Florida, USA
  • Local time:05:56 PM

Posted 01 November 2005 - 11:16 PM

I have F-secure firewall and anti-virus.
And now I have downloaded Noadware, A-squared, Ad-aware, Ewido and Microsoft anti-spyware.
Is there a risk to have too many?

Still there is a lot attempts to come in but my firewall dont let. Its like many attempts in one minute. Should I be worried?

Hemuli


You will probably find that the alerts are coming from your ISP. Check your firewall log to see.




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users