Plenty of trojans found in Sun Java cache

[Moe Hair]

Should I just delete Sun Java and go with MS? I did a boot scan with Avast
and it deleted about 10 trojans in various Sun Java documents and settings
cache directories.

What's the best way to clean it out other than to delete temp files in the
Sun Java console?

 

[Beauregard T. Shagnasty]

Should I just delete Sun Java and go with MS?

No. AFAIK, MS stopped distributing their version some time ago, and
even if you can find it, is seriously old.

I did a boot scan with Avast and it deleted about 10 trojans in
various Sun Java documents and settings cache directories.

What's the best way to clean it out other than to delete temp files
in the Sun Java console?

I find a button in the Control Panel > Java application that claims to
do that.

Where were you surfing that you acquired these trojans?

 

[kurt wismer]

Should I just delete Sun Java and go with MS?

that will solve nothing...

I did a boot scan with Avast
and it deleted about 10 trojans in various Sun Java documents and settings
cache directories.

which basically means you've been to afflicted websites, nothing more...

What's the best way to clean it out other than to delete temp files in the
Sun Java console?

that's about it - if you want to keep your cache clean then figure out
what page(s) the trojans are coming from and stop going there...
switching to ms' java runtime isn't going to stop java trojans you
encounter on the web from being saved in your cache...

 

[Vanguard]

Should I just delete Sun Java and go with MS? I did a boot scan with
Avast
and it deleted about 10 trojans in various Sun Java documents and
settings
cache directories.

What's the best way to clean it out other than to delete temp files in
the
Sun Java console?

Just disable the cache in the Sun JVM. Use the Control Panel applet for
it. Unless you are downloading huge applets or applications for Java
from some server, there's no point in caching them. However, not
caching them only gets rid of the problem of them remaining on your hard
drive when you aren't actually using them. So the real problem is why
you are continuing to visit sites and do downloads of infected Java
applets/applications.

 

[David H. Lipman]

From: "Moe Hair" <[email protected]>

| Should I just delete Sun Java and go with MS? I did a boot scan with Avast
| and it deleted about 10 trojans in various Sun Java documents and settings
| cache directories.
|
| What's the best way to clean it out other than to delete temp files in the
| Sun Java console?

They are either .CLASS files outside or .CLASS files inside Java Jars (ZIP files).

No version of Java is really immune to getting them. The MS version is just a modified
version of Sun Java. Your AV software should handle .CLASS files outside Java Jars OK.
However, it may not handle .CLASS files inside Java Jars and the best way to deal with Java
Script file infectors is to dump your caches.


1) Dump the contents of your IE cache -
Start --> settings --> control panel --> Internet options --> delete files

2) Dump the contents of the Mozilla FireFox Cache { if you use FireFox }
Tools --> Options --> Privacy --> Cache --> Clear

3) Dump the contents of your Sun Java cache -
Start --> settings --> control panel --> Java applet --> cache --> clear
or
Start --> settings --> control panel --> Java applet --> general --> settings -->
delete files

 

[Wilbur Post]

Where were you surfing that you acquired these trojans?

all over the joint! I just did a Trend Micro sysclean and it didn't find
anymore. I'm going to run another scan with AVG and see if Avast missed
any.

Why is it only in the Sun Java cache that these viruses are found?

 

[Wilbur Post]

that's about it - if you want to keep your cache clean then figure out
what page(s) the trojans are coming from and stop going there...
switching to ms' java runtime isn't going to stop java trojans you
encounter on the web from being saved in your cache...

I also get these viruses in my Sun Java cache (like the previous poster)
and use Avast to clean them up. They probably are in some porn sites I
visit - LOL! Is there any danger in these things?

 

[David H. Lipman]

From: "Wilbur Post" <[email protected]>

| ||
| all over the joint! I just did a Trend Micro sysclean and it didn't find
| anymore. I'm going to run another scan with AVG and see if Avast missed
| any.
|
| Why is it only in the Sun Java cache that these viruses are found?

It isn't. They can also be found in the Browser cache. However, they are more often found
in the Java Cache.

 

[David H. Lipman]

From: "Wilbur Post" <[email protected]>


|
| I also get these viruses in my Sun Java cache (like the previous poster)
| and use Avast to clean them up. They probably are in some porn sites I
| visit - LOL! Is there any danger in these things?

Hairy Hands ;-)

 

[optikl]

I also get these viruses in my Sun Java cache (like the previous poster)
and use Avast to clean them up. They probably are in some porn sites I
visit - LOL! Is there any danger in these things?

Probably. If you execute them. Porn sites are ripe with malware. This
should not be news.

 

[kurt wismer]

all over the joint! I just did a Trend Micro sysclean and it didn't find
anymore. I'm going to run another scan with AVG and see if Avast missed
any.

Why is it only in the Sun Java cache that these viruses are found?

java trojans would, realistically, be stored in the java cache along
with all the other java code you encounter while browsing...

 

[kurt wismer]

Wilbur Post wrote:
[snip]

I also get these viruses in my Sun Java cache (like the previous poster)
and use Avast to clean them up. They probably are in some porn sites I
visit - LOL! Is there any danger in these things?

there might be if a vulnerability in the java virtual machine is found,
otherwise java based malware should only be annoying...

it would probably be a good idea to make sure you're running the latest
jvm, just in case...

 

[David H. Lipman]

From: "kurt wismer" <[email protected]>


| there might be if a vulnerability in the java virtual machine is found,
| otherwise java based malware should only be annoying...
|
| it would probably be a good idea to make sure you're running the latest
| jvm, just in case...
|
| --
| "they threw a rope around yer neck to watch you dance the jig of death
| then left ya for the starvin' crows, hoverin' like hungry whores
| one flew down plucked out yer eye, the other he had in his sights
| ya snarled at him, said leave me be - i need the bugger so i can see"



Examples:
Exploit-ByteVerify
Which exploits "Flaw in Microsoft VM Could Enable System Compromise" K816093

JS/Exploit-MhtRedir , Exploit-MhtRedir.gen
http://www.microsoft.com/security/incident/download_ject.mspx

JS/Exploit-DialogArg.b
Cumulative Patch for Internet Explorer (Q323759)

 

[Jafo]

From: "Wilbur Post" <[email protected]>
| I also get these viruses in my Sun Java cache (like the previous poster)
| and use Avast to clean them up. They probably are in some porn sites I
| visit - LOL! Is there any danger in these things?

Hairy Hands ;-)

Or worse, he could go blind.