Author Topic: Virus or not?  (Read 6335 times)

0 Members and 1 Guest are viewing this topic.

The Maxx

  • Guest
Virus or not?
« on: July 27, 2004, 07:03:09 AM »
I noticed tonight while running Ad-Aware that two warnings popped up on me.

"7/27/2004 12:41:02 AM   NT AUTHORITY\SYSTEM   1668   Sign of "JS:ClassLoader-7" has been found in "C:\PROGRA~1\Lavasoft\AD-AWA~1\Cache\GetAccess.class" file.  

7/27/2004 12:41:02 AM   NT AUTHORITY\SYSTEM   1668   Sign of "JS:Exploit-Bytverify-11" has been found in "C:\PROGRA~1\Lavasoft\AD-AWA~1\Cache\InsecureClassLoader.class" file."

But when I'd do a virus scan it would find nothing.  It only says they are there when I'm running Ad-Aware.  Plus I can't seem to find the cache folder in Ad-Awares directory at all even if I tell it to show hidden files and folders.
So whats going on, do I have a virus or not?

****Update******

I seem to have find the folder they were in, Sun Java.  If those were 100% true viruses then how did they get past avast! in the first place?
« Last Edit: July 27, 2004, 07:28:08 AM by The Maxx »

watchthisspace

  • Guest
Re:Virus or not?
« Reply #1 on: July 27, 2004, 07:28:09 AM »

Offline bob3160

  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 48524
  • 64 Years of Happiness
    • bob3160 Protecting Yourself, Your Computer and, Your Identity
Re:Virus or not?
« Reply #2 on: July 27, 2004, 04:15:10 PM »
The Maxx
Is your operating system up-to-date?
Free Security Seminar: https://bit.ly/bobg2023  -  Important: http://www.organdonor.gov/ -- My Web Site: http://bob3160.strikingly.com/ - Win 11 Pro v22H2 64bit, 16 Gig Ram, 1TB SSD, Avast Free 23.5.6066, How to Successfully Install Avast http://goo.gl/VLXdeRepair & Clean Install https://goo.gl/t7aJGq -- My Online Activity https://bit.ly/BobGInternet

The Maxx

  • Guest
Re:Virus or not?
« Reply #3 on: July 27, 2004, 04:34:56 PM »
Yes, matter of a fact it has the latest WinXP SP2 on it.  Plus a router and  the WinXP firewall turned on.
« Last Edit: July 27, 2004, 04:37:48 PM by The Maxx »

RedSector

  • Guest
Re:Virus or not?
« Reply #4 on: July 27, 2004, 05:50:49 PM »
Those look like somthing that would have come through a web page.  What browser do you use.

Online DavidR

  • Avast Überevangelist
  • Certainly Bot
  • *****
  • Posts: 88900
  • No support PMs thanks
Re:Virus or not?
« Reply #5 on: July 27, 2004, 06:19:34 PM »
Your OS may be upto date but there have been updates to the Sun Java Virtual Maching and MS JVM to combat a potential JAVA expliot.

If you haven't already updated JVM (assuming you are using it), do it soon.
Windows 10 Home 64bit/ Acer Aspire F15/ Intel Core i5 7200U 2.5GHz, 8GB DDR4 memory, 256GB SSD, 1TB HDD/ avast! free 24.2.6105 (build 24.2.8918.824) UI 1.0.799/ Firefox, uBlock Origin, uMatrix/ MailWasher Pro/ Avast! Mobile Security

The Maxx

  • Guest
Re:Virus or not?
« Reply #6 on: July 27, 2004, 06:20:12 PM »
I use 3 browsers, IE with SP2, Firefox 0.9.2 and Opera 7.53  They could've been grabbed while messing with IE.... but shouldn't avast! have caught them before they got placed on my PC no matter which browser I was using at the time?

Also I don't have MS JVM, I did have the latest Sun JVM tho, since I don't use it much I just uninstalled it.  If I need it again how do I make sure it's 100% updated so this doesn't happen again?
« Last Edit: July 27, 2004, 06:23:11 PM by The Maxx »

RedSector

  • Guest
Re:Virus or not?
« Reply #7 on: July 27, 2004, 06:22:33 PM »
Since those are scripts, I think that script blocker would be needed (I could be completely wrong)  And I am not sure if script blocker works with things other than IE.  Please, correct me if I am wrong.

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:Virus or not?
« Reply #8 on: July 27, 2004, 06:36:58 PM »
Both suspected virus infected files are in the Lavasoft folder. (Ad-aware)
I know that ad-aware doesn't contain any harmfull code.
Please answer the following questions:

1) what version of avast?
2) what vps version?
3) what version of ad-aware?
4) do online scanners also detect it as infected?

The Maxx

  • Guest
Re:Virus or not?
« Reply #9 on: July 27, 2004, 06:45:17 PM »
I think they were listed in Ad-Aware was cause it scanned the Sun folder and found them as spyware first.  But after scanning all directories avast! found them in the Sun folder.

After deleting them and uninstalling Sun Java, avast! couldn't find any other viruses.  I also ran a few online scanners such as McAfee and nothing else was found.

whocares

  • Guest
Re:Virus or not?
« Reply #10 on: July 27, 2004, 07:28:59 PM »
Hi,

imho those files got onto your PC as archives and via an unsafely configured IE/browser

- Read VirusRemoval" below on how to secure your system & Browser(s) better, e.g. turn of activeX/scripting except for know, secure sites..

- avast resident shield doesn't scan archives in its default configuration (which is normally not necessary and would be a ressource-hog except on fast PCs)
 -> ad-aware probably unpacked those archives for analysis, and that is where avast stepped in
 -> in a full scan with archivescanning enabled, avast should catch the initial archives (as I gather it did?); if not, send them to alwil, please

 ;)

Offline Eddy

  • Avast Evangelist
  • Maybe Bot
  • ***
  • Posts: 31080
  • Watching (over?) you
    • Malware removal, Biljart and other things.
Re:Virus or not?
« Reply #11 on: July 27, 2004, 07:42:14 PM »
Could it have been you ran ad-aware, fixed the problems it found, and then ran Avast? If so it is possible that ad-aware removed/deleted the harmfull things, place them in the ad-aware cache folder and while running a scan with Avast, Avast found them there.

The Maxx

  • Guest
Re:Virus or not?
« Reply #12 on: July 27, 2004, 08:04:02 PM »
Ad-Aware didn't get rid of them at all.  I could run Ad-Aware 10 times and avast would still warn me..... I tried fixing/cleaning them and avast! said it couldn't due to some error.  After that I just deleted them and then said "what the heck" and uninstalled Sun JVM for now.

Before getting rid of it all I did a full scan and avast! found them in the Sun folder.  Then I run Ad-Aware again and found nothing at all.... after that I did the online scanners and nothing.   :)