VerifierBug.class Trojan!!

Protection for this was added to NAV on the 3rd.

Just remove the infected file and your done. If you happy to have the actual "infected" file, please forward to me so that i may conduct my own analysis. E-mail link is below.
 
I allready removed it, and I also have send a copy to Symantec (and to you). But I have no idea how I got infected. I've got NIS 2003, all the latest patches and updates. Thought my pc was secure.
 
Thanks for sending it to me.

You would have been infected by visiting a webpage that contains the malicious applet. Nothing you could have done. NAV had not been updated to detect this thread until after your inital infection.

They should publish a full write up on this threat soon and when they do ill post a link.

Now that NAV detects it your safe :) If you keep your eye on the thread above that you posted im sure the DSLR experts will have full details on it soon so you can know exactly what it does. Ill have a look at it this weekend if i get the time and let you know if i notice anything interesting.
 
Thanks for the info.....
I'll keep my eye on this thread, I'm quite curious what kind of Trojan it is, and what it does.
 
From what ive read the VerifierBug.class is not a trojan itself, its a "dropper" meaning it will fectch another trojan and plant it on the system. Thats just some conjecture however dont know anything for sure.
 
This detection covers Java applets that attempt to exploit the Microsoft Security Bulletin MS03-011 vulnerability. This severity of this vulnerability is considered to be critical. It allows an attacker to execute malicious code, simply by visiting an infectious website. Detections of this exploit do not necessarily mean that any malicious code was executed. It simply means that a Java applet was found to contain the exploit code. Conversely malicious code may have been run, which could result in any number of modifications to the system.

http://vil.nai.com/vil/content/v_100261.htm

Ensure MS03-11 has been applied. If you are using Sun Java you should up date that to, by the looks of the Sun forums that is also vulnerable.

Use MSBA to ensure the patch applied sucessfully.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools/mbsawp.asp
 
Thanx, I'll get the latest Java and use MSBA to see if the patch is applied sucessfully.
 
I just removed this from my friends computer yesterday. I have never heard of it but assumed it was some javascript virii code. Thanks for the info.
 
Norton just found this virus on my computer... it wasn't able to repair it, so I quarantined it... what should I do? Just delete the file?

Edit: Ok I went into my Norton history and deleted the file from there... hopefully I didn't need it...
 

Members online

No members online now.

Latest profile posts

Also Hi EP and people. I found this place again while looking through a oooollllllldddd backup. I have filled over 10TB and was looking at my collection of antiques. Any bids on the 500Mhz Win 95 fix?
Any of the SP crew still out there?
Xie wrote on Electronic Punk's profile.
Impressed you have kept this alive this long EP! So many sites have come and gone. :(

Just did some crude math and I apparently joined almost 18yrs ago, how is that possible???
hello peeps... is been some time since i last came here.
Electronic Punk wrote on Sazar's profile.
Rest in peace my friend, been trying to find you and finally did in the worst way imaginable.

Forum statistics

Threads
62,015
Messages
673,494
Members
5,621
Latest member
naeemsafi
Back