Guest Paracelsus Posted January 8, 2005 Share Posted January 8, 2005 Greetings to the ever vigilant Highlanders.Yesterday evening while running AdAware and SpyBot...NAV had a pop-up saying I had an infection with a Trojan Horse. I later ran a manual Scan of my HD, and sure enough...NAV can back saying it had detected "Beyond.Class", but could not remove or repair the file.I've quarantined it for the moment and reported it to Symantec. However...I can find no info for this. :hmm:I should have copied the complete path, but I remember that NAV said it was a zipped file in one of the .JAR files for Java. :blink:This seems more than a bit odd to me, and I was wondering if NAV may have just had a Brain Fart?Any speculation amongst the cognoscenti?? Quote Link to comment Share on other sites More sharing options...
nlinecomputers Posted January 8, 2005 Share Posted January 8, 2005 Can you check your logs?I'd like to see the whole path on that. Quote Link to comment Share on other sites More sharing options...
Guest Paracelsus Posted January 8, 2005 Share Posted January 8, 2005 Unfortunately, Nathan,As I was going through the reports... I accidentally cleared the log instead of printing it Quote Link to comment Share on other sites More sharing options...
Plukaduk Posted January 8, 2005 Share Posted January 8, 2005 Have a look here Byte.Verify Quote Link to comment Share on other sites More sharing options...
Guest Paracelsus Posted January 9, 2005 Share Posted January 9, 2005 Thanks Pluka.I did see that one one search at Symantec for Beyond.Class, but it seems to refer to a different ".class" Trojan.It could be similar... so I may go ahead and try the steps outlined.Just wish I knew how the dang thing got through my Firewall & Router Quote Link to comment Share on other sites More sharing options...
nlinecomputers Posted January 9, 2005 Share Posted January 9, 2005 If it was java then it was part of a web page. It probably didn't even run, it was just in your cache and was caught on the scan. Visit any questionable sites lately? Gotta stay away from those porn sites, you dog. Quote Link to comment Share on other sites More sharing options...
Guest Paracelsus Posted January 9, 2005 Share Posted January 9, 2005 (edited) I will have to have a long talk with LabRat tomorrow :shifty:He was the only one here while I was on vacation Edited January 9, 2005 by Paracelsus Quote Link to comment Share on other sites More sharing options...
Rons Posted January 9, 2005 Share Posted January 9, 2005 Empty the Java cache folder may also help in removing the parasite. Quote Link to comment Share on other sites More sharing options...
NRD Posted January 9, 2005 Share Posted January 9, 2005 (edited) As Nline said, it probably came from a website running Java (not javascript) Perhaps you have an older version of MS's JVM? (java virtual machine) installed? You might want to remove microsoft's virtual machine, if installed and install Sun's Java runtime instead.This site lists the procedure.http://www.helpwithwindows.com/WindowsXP/howto-21.html Edited January 9, 2005 by NRD Quote Link to comment Share on other sites More sharing options...
Ed_P Posted January 9, 2005 Share Posted January 9, 2005 Unfortunately, Nathan,As I was going through the reports... I accidentally cleared the log instead of printing it Run another scan. It'll great a new log. Quote Link to comment Share on other sites More sharing options...
Recommended Posts
Join the conversation
You can post now and register later. If you have an account, sign in now to post with your account.