Trojan-Downloader.Java.Agent.c

Do you have a question? Post it now! No Registration Necessary.  Now with pictures!

Threaded View
Kapersky on line scanner finds: Trojan-Downloader.Java.Agent.c in:
C:\Documents and Settings\HP_Administrator\Application
Data\Sun\Java\Deployment\cache.0c0ee589-79fdbbd6/FcPred.class
     Infected: Trojan-Downloader.Java.Agent.c
     skipped





Please advise,

Thanks,

marc



Re: Trojan-Downloader.Java.Agent.c


| Kapersky on line scanner finds: Trojan-Downloader.Java.Agent.c in:
| C:\Documents and Settings\HP_Administrator\Application
| Data\Sun\Java\Deployment\cache.0c0ee589-79fdbbd6/FcPred.class
|      Infected: Trojan-Downloader.Java.Agent.c
|      skipped
|
| Please advise,
|
| Thanks,
|
| marc
|


If you are using any version of Sun Java that is prior to JRE Version 6.0,
then you are strongly urged to remove any/all versions.
There are numerous vulnerabilities in them and they are actively being exploited.

It is highly suggested that you update to the latest version which is Sun Java
JRE/JSE
Version 6.0 update 1 (jre 6u1)

Simple check, look under...
C:\Program Files\Java

The only folder under that folder should be the latest version.

Such as...
C:\Program Files\Java\jre1.6.0_01

http://java.sun.com/javase/downloads/index.jsp
http://www.java.com/en/download/manual.jsp

FYI:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1



1)    Dump the contents of your IE cache -
        Start --> settings --> control panel --> Internet options --> delete
files

2)    Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
       Tools --> Options --> Privacy --> Cache --> Clear

3)    Dump the contents of your Sun Java cache -
        Control panel --> Java applet --> cache --> clear
          or
        Control panel --> Java applet --> general --> settings --> delete files

4)    Re-scan your system using your anti virus software.


* * *  Please report back your results  * * *


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Trojan-Downloader.Java.Agent.c

Hi,

I'm using the latest version JRE: 1.6.0_01 but there are several folders of
earlier 1.5 versions. Should I just delete those earlier versions from the
Java folder?

Marc



Quoted text here. Click to load it



Re: Trojan-Downloader.Java.Agent.c


Quoted text here. Click to load it
David will be along, but I am sure he will say this......

Go to Add/Remove and see how many versions are in there of Java.  It
would be preferable to remove those first.  Then go to Program Files and
remove any folder that is other than your latest one.

However, you can wait to see what Mr. Lipman (G) has to say on the
subject.

Heather

Quoted text here. Click to load it



Re: Trojan-Downloader.Java.Agent.c


Quoted text here. Click to load it

Use the control panel, add/remove programs to remove the related registry
entries, as well as the files.

If, after removing the 1.5 versions, using the control panel, you find there
are still older versions in the java directory, then delete those manually.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

Re: Trojan-Downloader.Java.Agent.c


| Hi,
|
| I'm using the latest version JRE: 1.6.0_01 but there are several folders of
| earlier 1.5 versions. Should I just delete those earlier versions from the
| Java folder?
|
| Marc
|

Heather and Dave provided you with the correct information.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Trojan-Downloader.Java.Agent.c

Okay..........just one question. Java, in their FAQ states that: "The latest
version of the Java Runtime Environment (JRE) contains updates to previous
versions. There might be some applications or applets written and tested
against a specific version of the JRE.
It is recommended that you keep older versions of the JRE on your system. If
you are running low on disk space, you can uninstall older versions of the
JRE."

So what is the risk or problem with removing the earlier versions? Why do
they recommend keeping them?

Marc





Quoted text here. Click to load it



Re: Trojan-Downloader.Java.Agent.c


Quoted text here. Click to load it

The faq was written before sun released a version, that patched a
security vulerability, without releasing patches for the older versions.

It is not safe to keep older versions anymore, as they are no longer
being maintained.

I've yet to encounter an applet that failed to run on newer versions,
with the exception of malware, designed to take advantage of the
exploits available in the older versions.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

Re: Trojan-Downloader.Java.Agent.c


Quoted text here. Click to load it
If I recall David Lipman's explanation correctly, there are security
holes in the older version (I happen to run 1.5.0_11 myself).  Which is
why you should remove them.  You have already had an example of that.

As for why they recommend keeping them??  Because they are IDIOTS and
don't understand the problems.  (to put it bluntly, grin).

Cheers.......Heather



Re: Trojan-Downloader.Java.Agent.c


wrote:

Quoted text here. Click to load it

1.5.0_11 should have auto updated itself to 1.6.0_1 a few weeks back
(unless you told it not to, of course) so it looks like they're
finally getting their act together on that one.


Jim.


Re: Trojan-Downloader.Java.Agent.c


Quoted text here. Click to load it

Yes.....I disabled it after being bugged to download the latest one.  I
tried it and prefer the older one, which I don't believe has any
security holes.  They changed their method of clearing the cache,
IIRC......and it was a pain.

Night.....Heather



Re: Trojan-Downloader.Java.Agent.c


| Okay..........just one question. Java, in their FAQ states that: "The latest
| version of the Java Runtime Environment (JRE) contains updates to previous
| versions. There might be some applications or applets written and tested
| against a specific version of the JRE.
| It is recommended that you keep older versions of the JRE on your system. If
| you are running low on disk space, you can uninstall older versions of the
| JRE."
|
| So what is the risk or problem with removing the earlier versions? Why do
| they recommend keeping them?
|
| Marc

Marc:

Please read...
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102557-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102622-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102648-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102729-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102732-1
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102760-1


There are secutity hioles, vulnerabilities, in older versions and there is code
(and I have
seen it in action) that will seek out older versions and test them for
vulnerabilities and
subsequently exploit them.  Laeving old versions leaves your PC, and your data,
"at risk".


--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Trojan-Downloader.Java.Agent.c



Quoted text here. Click to load it

OK......so now you have the same answer from 3 diverse people, each in
their own unique style, grin.

Remove the older versions and make sure their folders are gone in
Programs.  IIRC, they will still be there.

Cheers.....Heather



Re: Trojan-Downloader.Java.Agent.c

Thanks.......All!


marc



Quoted text here. Click to load it



Re: Trojan-Downloader.Java.Agent.c


Quoted text here. Click to load it

If I remember correctly (I rarely use windows, anymore), the folder will
be deleted, if you clear the cache first.  If there's anything in the
folder, that wasn't created during the install, then the folders will
be kept, but with all of the files created during the install, having
been deleted by the uninstall.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

Re: Trojan-Downloader.Java.Agent.c



|
| If I remember correctly (I rarely use windows, anymore), the folder will
| be deleted, if you clear the cache first.  If there's anything in the
| folder, that wasn't created during the install, then the folders will
| be kept, but with all of the files created during the install, having
| been deleted by the uninstall.
|
| Regards, Dave Hodgins
|

No really.  The cache is stored in the user's profile.

--
Dave
http://www.claymania.com/removal-trojan-adware.html
http://www.ik-cs.com/got-a-virus.htm



Re: Trojan-Downloader.Java.Agent.c

On Fri, 18 May 2007 22:08:48 -0400, David H. Lipman

Quoted text here. Click to load it

Thanks for the correction.

Regards, Dave Hodgins

--
Change nomail.afraid.org to ody.ca to reply by email.
(nomail.afraid.org has been set up specifically for
use in usenet. Feel free to use it yourself.)

Re: Trojan-Downloader.Java.Agent.c


Quoted text here. Click to load it

Yep......and I clean it out every day or two.  You know I am an addicted
Pogo player (G) and it sure fills up the cache fast.  Another way I
sometimes empty it is via Control Panel/Java.....and I delete all in the
bottom box.

Cheers......Heather
Quoted text here. Click to load it



Re: Trojan-Downloader.Java.Agent.c

"sasha gottfried" wrote:

Quoted text here. Click to load it

Some applications and applets may no longer work as intended.

Quoted text here. Click to load it

For exactly the reason they say above. However, if you only want Java
for sites that use applets in web pages and you are concerned about
security, you should ignore their advice.

At work, we need to use a particular version of Java for some
applications on our corporate network. This isn't a big risk because
Java on external sites (i.e. the Internet) is blocked by the firewall.



Site Timeline