Multiple Viruses in Sun Java

[Stg-Flame]

I ran Ad-Aware last night and during the scan, my anti-virus found two Virus/Worms in:
C:\Documents and Settings\Sean Hardy\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\jvmimpro.jar-6b13a7e7-16870bc0.zip\vmain.class

I scanned my entire computer overnight and when I got up this morning, more viruses in that same directory were found. Should I continue to move them all to chest, delete them, repair them, or should I just go to that directory and Shift-Delete those folders?

Here is some information from my anti-virus:

File name: *see above*
Malware name: Other.Malware-gen
Malware type: Virus/Worm
VPS version: 080206-0, 02/06/2008

EDIT: I am almost to be late for a meeting so I cannot stay for an answer right now. I will leave the virus message from my anti-virus up while I am gone. Hopefully, by the time I get back, someone will have some more information on the matter.

 

[mechBgon]

Do you have an actual antivirus program, or only Ad-Aware? If you don't have an antivirus, or if it's weak, do some online virus scans to see what your current situation is. F-Secure has an online scanner in their Security Center which would be a good one to start with.

Incidentally, do you have any known need for Sun Java at all? If not, uninstall it until you actually have a need for it. Given that Java exploits are often used in scripted attacks via your web browser, also check your system for other similarly-exploitable stuff: https://psi.secunia.com And if a non-Admin user account would work for you, that's a great security improvement too: http://www.mechbgon.com/build/security2.html

 

[Stg-Flame]

I have Avast for my anti-virus. It has worked perfectly so far and it is free.

As it stands, I don't know of any use for Sun Java. My house recently burned down (http://forums.anandtech.com/me...d=38&threadid=2149971) and my mom used to play Online games at www.pogo.com which used Sun Java. With the current situation, she won't be able to play any of those games anytime soon, at least not on my computer.

I shall check those links you supplied, but in the meantime, what do you suggest I do about the current malware? Should I Move to chest, Delete, or Move/Rename them? Or should I just delete them all and then uninstall Sun Java?

 

[mechBgon]

I'd delete them all and then (1) uninstall Sun Java and (2) also scan the system with a different brand of antivirus just to make sure. Avast doesn't have the best detection rate out there, unfortunately, so no news isn't always good news

 

[nordloewelabs]

i got tired of Java. i'm in the process of finding a good replacement for Azureus so that i can kick Java out of my system. i wish i could replace Flash. i'm sure that once SilverLight will become a source of headache too someday.

regarding the infected files, you can try to upload them to http://www.virustotal.com and see what they are. you can also download the free Kasperski SOS antivirus. it can run side-by-side with your current antivirus, but it only performs manual scans. i dont know how efficient the F-Secure scan is, but it sure is slow.... :\

 

[John]

Originally posted by: nordloewelabs
i dont know how efficient the F-Secure scan is, but it sure is slow.... :\

F-Secure has thorough detection since it uses multiple scan engines: AVP (Kaspersky) + Libra (modded F-Prot) + Pegasus (Norman) + Draco (Ad-Aware) + Orion (in-house heuristics) + Blacklight (in-house rootkit)

I'd rather a scanner be slow and thorough.