• This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn more.

VerifierBug.class Trojan!!

#2
Protection for this was added to NAV on the 3rd.

Just remove the infected file and your done. If you happy to have the actual "infected" file, please forward to me so that i may conduct my own analysis. E-mail link is below.
 
S

Static 99

Guest
#3
I allready removed it, and I also have send a copy to Symantec (and to you). But I have no idea how I got infected. I've got NIS 2003, all the latest patches and updates. Thought my pc was secure.
 
#4
Thanks for sending it to me.

You would have been infected by visiting a webpage that contains the malicious applet. Nothing you could have done. NAV had not been updated to detect this thread until after your inital infection.

They should publish a full write up on this threat soon and when they do ill post a link.

Now that NAV detects it your safe :) If you keep your eye on the thread above that you posted im sure the DSLR experts will have full details on it soon so you can know exactly what it does. Ill have a look at it this weekend if i get the time and let you know if i notice anything interesting.
 
S

Static 99

Guest
#5
Thanks for the info.....
I'll keep my eye on this thread, I'm quite curious what kind of Trojan it is, and what it does.
 
#6
From what ive read the VerifierBug.class is not a trojan itself, its a "dropper" meaning it will fectch another trojan and plant it on the system. Thats just some conjecture however dont know anything for sure.
 
#7
This detection covers Java applets that attempt to exploit the Microsoft Security Bulletin MS03-011 vulnerability. This severity of this vulnerability is considered to be critical. It allows an attacker to execute malicious code, simply by visiting an infectious website. Detections of this exploit do not necessarily mean that any malicious code was executed. It simply means that a Java applet was found to contain the exploit code. Conversely malicious code may have been run, which could result in any number of modifications to the system.
http://vil.nai.com/vil/content/v_100261.htm

Ensure MS03-11 has been applied. If you are using Sun Java you should up date that to, by the looks of the Sun forums that is also vulnerable.

Use MSBA to ensure the patch applied sucessfully.

http://www.microsoft.com/technet/treeview/default.asp?url=/technet/security/tools/tools/mbsawp.asp
 
S

Static 99

Guest
#8
Thanx, I'll get the latest Java and use MSBA to see if the patch is applied sucessfully.
 

Tiesto

OSNN Addict
#9
I just removed this from my friends computer yesterday. I have never heard of it but assumed it was some javascript virii code. Thanks for the info.
 
#10
Norton just found this virus on my computer... it wasn't able to repair it, so I quarantined it... what should I do? Just delete the file?

Edit: Ok I went into my Norton history and deleted the file from there... hopefully I didn't need it...
 

Members online

No members online now.

Latest posts

Latest profile posts

Hello, is there anybody in there? Just nod if you can hear me ...
Xie
What a long strange trip it's been. =)

Forum statistics

Threads
61,961
Messages
673,239
Members
89,014
Latest member
sanoravies