cancel
Showing results for 
Search instead for 
Did you mean: 
Unclepotter
Level 7

Trojan Found

Hi,

After doing a full scan this morning McAfee found and quarantined these two trojans.

Exploit-CVE2008-5353 (trojan)

Exploit-CVE2009-3867 (trojan)

This is the first time in over 3 years of using McAfee that anything has been found.Can someone please tell me what these are and is it ok now that they have been quarantined.

0 Kudos
7 Replies
bcaseiro
Level 11

Re: Trojan Found

Hi Unclepotter,

Below there are some links with additional information about the trojan found in your environment:

http://vil.nai.com/vil/content/v_252846.htm - Exploit-CVE2008-5353

http://vil.nai.com/vil/content/v_265337.htm - Exploit-CVE2009-3867

Please check if you are running the latest virus definition and scan engine. If so, run a full On-demand scan on the affected machines. If this scan completes and all of the malwares found are properly removed (deleted and/or cleaned) you should be safe. The same applies if no malware if found during this scan.

Regards,

Bruno

0 Kudos
ornar
Level 7

Re: Trojan Found

Hello,

I have a related question. I will appreciate a reply asap. Thanks:

My laptop  also got infected by  Exploit-CVE2009-3867 Trojan (Exploit-ByteVerify) - and was found by my McAfee two days ago during a routine autimatic scan.

According to the detection log  the trojan was found in

C:\Documents and Settings\xxx\Application Data\Sun\Java\Deployment\cache\6.0\31\5637119f-1b7b00ca

and was removed ("xxx" is my user directory).

However, I checked the above Java folder and found the file there

. I scanned it with McAfee, SpyBot and Malwarebytes' Anti-Malware - and all had negative (no infection was found). Still I am worried that the tojan installed itself again and wonder if I need to get rid of that file and/or do anything else to assure that it is ok.

Thank you,

O

0 Kudos
Unclepotter
Level 7

Re: Trojan Found

Hi,

Open your java console(via control panel),then general>temporary internet files>settings.delete all temporary files.

This will clear all your Java cache

0 Kudos
ornar
Level 7

Re: Trojan Found

Thank you for the quick answer. I did what you suggested and, indeed the file is gone.

I still wonder why it was there after McAfee said it is removed... I would appreciate it if you can explain that.

Many thanks,

O

0 Kudos
Unclepotter
Level 7

Re: Trojan Found

Hi, Glad you got rid of it.I can't really say why it didn't remove.I just followed someone else's advice and passed that advice onto yourself Just a thought,but did McAfee remove it or just quarantine it.?

0 Kudos
ornar
Level 7

Re: Trojan Found

HI,

Thank you.

McAfee reports that it has been removed. That's why I was worried that the virus is still there somewhere ...

O

0 Kudos
CompGuy123
Level 7

Re: Trojan Found

Hello all,

McAfee found

Exploit-CVE2009-3867 Trojan (Exploit-ByteVerify)

yesterday during a scan, and I came onto the forums to learn a bit more about it.  It was automatically removed by McAfee, but I went ahead and followed the posted suggestion to wipe my Java cache.  I wanted to be sure that it was completely gone because I had been experiencing some kind of browser hijacking/popup stuff.

Unfortunately the popup problems did not disappear when the Trojan was removed.  I have done several more scans with McAfee and all turned up clean.  Maybe this trojan is evading McAfee?  I've considered the situation that my popup problems are being caused by some virus/trojan unknown to McAfee, but does anyone know what the symptoms of this specific trojan (Exploit-CVE2009-3867 Trojan (Exploit-ByteVerify)) are?  Are they anything like what I've been experiencing?

Thank you!

on 5/25/10 11:08:03 PM CDT
0 Kudos