I haven’t done a full scan proper in ages, but I just got a BSoD earlier so I thought I might as well. Avast found an amply supply of a variety of virii and exploits in “C:\Documents and Settings(user)\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar,” such as “classload.jar-28e8d1c5-7b7708cf.zip\GetAccess.class.” As it just so happens, I installed the Java Development Kit (JDK) for the first time today. I can’t figure out if these are normal files JDK put there, or if these are exploits Java Runtime Enviroment (which I’ve had installed for ages) let slip by. Incidentally, the earlier BSoD occured when Generic Host Processes (services.exe) requested access out to the internet and I allowed it-- no idea if that’s related or not; no virii were found in memory when I rebooted and scanned. Avast also claimed to find a Sober variant in a plain text IRC log that I hadn’t even touched in ages, so I’m a little skeptical of its diagnoses at the moment.

At any rate, can anyone confirm/deny if Avast is registering false positives with JDK’s program files?

Hi YudaiNao,

Try deleting the Java cache. You can do this from the Java console via Control Panel or use CCleaner- make sure you have the Java cache option ticked and run a clean up.

That answers my question-- I hadn’t realized this was just Java’s cache. I’ll have to remember to clear it from time to time, as it seems to be a great place for exploits and the like to lurk. Thanks, FreewheelinFrank!