Author Topic: *.class files  (Read 3964 times)

0 Members and 1 Guest are viewing this topic.

John-

  • Guest
*.class files
« on: May 16, 2005, 07:02:09 PM »
Hello,

Yesterday I did a scan with Avast! 4.6 Home Edition and my computer seemed to be infected with  8 virusses!

I found it kinda strange i got infected because Avast! is running constantly with all providers set to maximum. I browse with Firefox (1.0.4) and I use Thunderbird as my emailclient and all email is filtered with spamihilator.
I am using Windows XP Pro SP2 (english language) with all updates installed!
My computer is also protected with spywareblaster and Spybot

I know these *.class files are java related with the so called "virtual machine".
Are these *.class really dangerous? Cause i didn't "feel" anything unusual while working with my computer.




Offline xistenz

  • Poster
  • *
  • Posts: 632
Re: *.class files
« Reply #1 on: May 16, 2005, 07:07:55 PM »
These files were probably meant to infect computers with the old MS virtual machine. If you have the latest version of Sun's JAVA, then you should be okay

DaveD

  • Guest
Re: *.class files
« Reply #2 on: May 16, 2005, 07:13:17 PM »
I am just going to take a guess at this one, so please correct me if I am wrong.

Could these have been prevented real-time with the Script Blocker module?

The Script Blocker module is available in the Professional Edition only.
http://www.avast.com/eng/avast_4_professional.html#5

John-

  • Guest
Re: *.class files
« Reply #3 on: May 16, 2005, 07:28:04 PM »
mmm, not sure,... I mean it did'nt really cause me harm.
I do not think that Sun would put virusses in their software!

Offline FreewheelinFrank

  • Avast Evangelist
  • Ultra Poster
  • ***
  • Posts: 4872
  • I'm a GNU
    • Don't Surf in the Nude!
Re: *.class files
« Reply #4 on: May 16, 2005, 08:14:09 PM »
Avast! WebShield will block these exploits. They are usually designed to exploit a vulnerability in the MS Java Virtual Machine, as a previous posting mentioned. On a vulnerable machine, they will download a Trojan horse, and spyware like CoolWWWSearch.

Java code runs in a sandbox, as is not able to execute malicious actions outside of that sandbox. As long as the sandbox has no 'holes' it is safe to run Java code. The key to running Java safely is therefore to check regularly for updates to the Java plug-in to ensure that any 'holes' or security vulnerabilities are patched.

The MS Java plug-in is obsolete and should be shown the door.

The Sun Java Plug-in has also had vulnerabilities. Make sure you have the latest version: 1.5.0_3.

http://java.sun.com/j2se/1.5.0/download.jsp

Delete these files by clearing the Java cache.
http://www.java.com/en/download/help/cache_virus.xml
     Bambleweeny 57 sub-meson brain     Don't Surf in the Nude Blog

John-

  • Guest
Re: *.class files
« Reply #5 on: May 17, 2005, 06:47:41 PM »
Hey thanks!

I learned some stuff by reading your reply and checking out the links!
I cleared the cache and noticed in the control panel of windows that Java is setup to check daily for updates!

thanks again!

greetz

John