Java Trojans & Fake Windows Updates??

Having difficulties with AvCanada Forums, the internet etc.. ask your questions here.

Moderators: ahramin, sky's the limit, sepia, Sulako, North Shore

Post Reply
Message
Author
TTail
Rank 7
Rank 7
Posts: 641
Joined: Mon Aug 02, 2004 11:18 pm

Java Trojans & Fake Windows Updates??

#1 Post by TTail » Fri Feb 18, 2005 9:06 pm

The past 2-3 days my computer at times was found to be tasking heavily without any activity from me. I suspected a virus and ran a full scan with F-Secure. Sure enough I found a few trojans all were related to my Java folder and all were within archives (.zip files) and therefore F-Secure couldn't disinfect/delete them. I manually dug them out and deleted them myself. The archives were as follows:

classload.jar-76ba5970-6720b385.zip

javainstaller.jar-3cc46f89-70472a69.zip

archive.jar-158279a4-4fff9aef.zip

F-Secure called these "destructive programs" and "trojan-downloader.java.openstream" etc etc

I'm curious if anyone is familiar with these trojans and as to how they were obtained and how to properly get rid of them. As I stated, I have manually deleted them and have run a couple of regcleaners.

Right before I noticed my problems I did a Windows Update, I had the little yellow shield pop up in my taskbar stating there were updates so I clicked it. I have read some cases on the internet of 'fake' or 'bogus' windows updates. Anyone have information regarding this??

I also use Limewire for downloading files

Thanks

LJD
---------- ADS -----------
  

TTail
Rank 7
Rank 7
Posts: 641
Joined: Mon Aug 02, 2004 11:18 pm

#2 Post by TTail » Fri Feb 18, 2005 9:09 pm

PS - I saved the "Scanning Report" from F-Secure which has full details of the scan and the files it found along with the actions it tried to take in case it helps.

Thanks again
---------- ADS -----------
  

User avatar
mculshaw
Rank 2
Rank 2
Posts: 84
Joined: Tue Feb 17, 2004 6:24 am
Location: Southern Ontario
Contact:

#3 Post by mculshaw » Sat Feb 19, 2005 6:31 am

I just did a quicksearch on Google for:
javainstaller.jar

And it came up with a number of solutions for getting rid of them and possibly a bit of insight as to where they came from...

mc
---------- ADS -----------
  

TTail
Rank 7
Rank 7
Posts: 641
Joined: Mon Aug 02, 2004 11:18 pm

#4 Post by TTail » Sat Feb 19, 2005 6:48 am

Thanks for the info

Is javainstaller.jar related to what I had? I'm sifting through some of the info right now.

LJD
---------- ADS -----------
  

TTail
Rank 7
Rank 7
Posts: 641
Joined: Mon Aug 02, 2004 11:18 pm

#5 Post by TTail » Sat Feb 19, 2005 7:00 am

After reading some more it appears that was what I had. Anyone know how it ends up on your system? There was some info stating that it can get in through ActiveX and clicking yes to those popups (which I never do) and I'm also curious what these Trojans do? Does it give someone access to my PC?

LJD
---------- ADS -----------
  

User avatar
mculshaw
Rank 2
Rank 2
Posts: 84
Joined: Tue Feb 17, 2004 6:24 am
Location: Southern Ontario
Contact:

#6 Post by mculshaw » Sat Feb 19, 2005 12:22 pm

http://www.cluck.com/HTML_Articles/TrojanHorses.html

Here is a good resource that explains what the Trojan horse can do...
mc
---------- ADS -----------
  

TTail
Rank 7
Rank 7
Posts: 641
Joined: Mon Aug 02, 2004 11:18 pm

#7 Post by TTail » Mon Feb 21, 2005 2:56 pm

Thanks again.

I'm running a new virus program now. Seems F-Secure wasn't as good as I thought. The new program is finding things F-Secure never did!
---------- ADS -----------
  

. .
Rank 10
Rank 10
Posts: 2670
Joined: Mon Feb 16, 2004 12:53 am

#8 Post by . . » Mon Feb 21, 2005 3:05 pm

Try downloading Microsofts new anti spyware/trojan software. I got it about a month ago and i've found it to be pretty good. I use AVG for virus stuff, and the MS for spyware. Seems to keep my PC healthy.
---------- ADS -----------
  

TTail
Rank 7
Rank 7
Posts: 641
Joined: Mon Aug 02, 2004 11:18 pm

#9 Post by TTail » Mon Feb 21, 2005 3:34 pm

Thanks.

I found a BETA version of it. Do you have an official release or is yours the BETA as well. I'm trying out 'Panda Titanium Antivirus' right now, have you heard of it? I have heard of AVG maybe I should switch to that.
---------- ADS -----------
  

. .
Rank 10
Rank 10
Posts: 2670
Joined: Mon Feb 16, 2004 12:53 am

#10 Post by . . » Mon Feb 21, 2005 4:13 pm

Mine is the beta version also. I've never tried pandasoft stuff, so I can't speak as to how well it works. I've had a pretty good experience with AVG. It's free so perhaps it's worth a download, then you can decide which you like better.
---------- ADS -----------
  

TTail
Rank 7
Rank 7
Posts: 641
Joined: Mon Aug 02, 2004 11:18 pm

#11 Post by TTail » Mon Feb 21, 2005 7:45 pm

I'm impressed with Microsofts spyware software. It's got some good features. As for AVG, I'm trying it out. Hopefully just cause its free, its not lacking in any features that the others might carry. I'd rather not keep paying every year for some of this other crap though.

Thanks for the tips
---------- ADS -----------
  

Benwa
Rank 8
Rank 8
Posts: 844
Joined: Sun Feb 15, 2004 8:28 pm
Location: CYQB

#12 Post by Benwa » Tue Feb 22, 2005 7:26 am

Grisoft's AVG + Microsoft AntiSpyware Beta is the way to go.

Also, you should consider using Mozilla Firefox. Firefox does not run ActiveX, hence is a lot safer. I only use internet explorer to do Windows Updates as this is an ActiveX component.
---------- ADS -----------
  
--In his wrapup remarks, the FAA chief said, "If you think the safety bar is set too high, then your
standards are set too low."

TTail
Rank 7
Rank 7
Posts: 641
Joined: Mon Aug 02, 2004 11:18 pm

#13 Post by TTail » Tue Feb 22, 2005 11:44 am

Thanks Benwa,

I have been running Firefox for awhile now for those exact reasons. It's a way better browser than E. I will try out AVG and see how it goes. I saw some reviews saying BitDefender was good too.
---------- ADS -----------
  

Post Reply

Return to “Internet and Computer Help”