AVG Free version and Java virus

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
I've been using the free version of AVG 7 for awhile.  Each time it runs it
finds five viruses in the JavaByteVerify and Java/Class Loader area.  It
never gets rid of them.  My question is why not?  Can anyone explain this
for me?  I thought the idea was to identify and delete the viruses.

Thanks,
Craig



Re: AVG Free version and Java virus

SCraig wrote:

Quoted text here. Click to load it

Craig,

Java has been a security nightmare for quite some time. And much of it
surrounds its inept installer(s). If I were going to use Java, here is
what I would do.

1) Uninstall _all_ versions of Java on your system.
2) Search through the HD for all files associated with Java/JRE. Clean
as necessary.
3) Search through the Registry for all keys associated with Java/JRE.
Clean as necessary.
4) Download and install the latest, greatest version of Java.

See if that makes AVG happy. If not submit the suspect files to Virus
Total and/or Jotti for the purpose of determining whether they are FPs
or not.

   (http://www.virustotal.com /)
   (http://virusscan.jotti.org /)

If you are going to use Java, you absolutely, positively must keep it
up-to-date. And that always includes an uninstall/reinstall.

Ron :)

Re: AVG Free version and Java virus

Ron Lopshire wrote:
Quoted text here. Click to load it

My question though is why doesn't AVG delete these viruses since it finds
them?   Also, isn't Java a pretty standard and heavily used program?  How
could I not run it which I'm using my computer?



Re: AVG Free version and Java virus


| Ron Lopshire wrote:
Quoted text here. Click to load it

You have a a Java Trojan in a .CLASS file inside a Java Jar (ZIP type file).
AVG can unzip
and scan inside of the Java Jar but it is unable to delete the trjoanized .CLASS
file and
repackage the Java Jar.

If you are using any version of Sun Java that is prior to JRE Version 5.0 update
6,
then you are strongly urged to remove any/all versions that are prior to JRE/JSE
Version 5.0 update 6.  There are vulnerabilities in them and they are actively
being
exploited.  It is possible that is how you got infected with malware.

Therefore, it is highly suggested that if there are any prior versions of Sun
Java
to Version 5 update 6 on the PC that they be removed ASAP.

The latest version is Sun Java JRE/JSE Version 5.0 Update 8

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.5.0_08

http://www.java.com/en/download/manual.jsp

or

http://java.sun.com/javase/downloads/index.jsp

FYI:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1

1)    Dump the contents of your IE cache -
        Start --> settings --> control panel --> Internet options --> delete
files

2)    Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
       Tools --> Options --> Privacy --> Cache --> Clear

3)    Dump the contents of your Sun Java cache -
        Start --> settings --> control panel --> Java applet --> cache --> clear
          or
        Start --> settings --> control panel --> Java applet --> general -->
settings -->
        delete files

4)    Re-scan your system using your anti virus software.


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: AVG Free version and Java virus


Quoted text here. Click to load it

[snip]

Follow the advice given by Ron and David.
You can also empty the Java cache.
Control Panel (Classic view) > dbl click "Java Plug-in" > "Cache" tab
Click the "Clear" button



Re: AVG Free version and Java virus


Quoted text here. Click to load it
it

If I'm not mistaken the files in that Java directory are zipped therefore
compressed and that would, as I recall, could interfere with the removal,
go to the Java Dir. look for zipped files, delete (or delete the whole Java
Dir. and reinstall.

Mich...



Re: AVG Free version and Java virus


| If I'm not mistaken the files in that Java directory are zipped therefore
| compressed and that would, as I recall, could interfere with the removal,
| go to the Java Dir. look for zipped files, delete (or delete the whole Java
| Dir. and reinstall.
|
| Mich...
|

They are called Java Jars and store .CLASS files,  Java Jars are ZIP type files.

The problem is anti virus software can scan inside an archive file such as a
Java Jars but
can't delete a file from within and then repackage the archive file.  In the
case of Java
Jars with trojanized .CLASS files within, it is best to just delete the Java
Jars.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Site Timeline