Avast keeps detecting what it thinks is a virus in my Sun Java package. I tried to remove it but Java uses it. However there is nothing malicious about it that I can see. FWIW, Ad-Aware doesn’t detect anything wrong with it.
How do I fix Avast so it won’t keep detecting that particular “virus”?
You could also check the offending/suspect file at: Jotti - Multi engine on-line virus scanner if any other scanners here detect them it is less likely to be a false positive. You can’t do this with the file in the chest, you will need to move it out.
Or VirusTotal - Multi engine on-line virus scanner
If it is indeed a false positive, add it to the exclusions lists (Standard Shield, Customize, Advanced and Program Settings, Exclusions) and check scan it periodically using the ashQuick scan (right click scan), when it is no longer detected then remove it from the exclusions.
Also see (Mini Sticky) False Positives
You should also ensure that you have the latest Sun Java, once installed you should uninstall the old version.
The information you provided above is very helpful.
Thanks.
What is the full filename and name of the detected virus?
I think you mean “full pathname”.
C:\WINNT\Profiles\rck\Application Data\Sun\Java\Deployment\cache\javapi\1.0\jar\javainstaller.jar-3c936701-4f29a551.zip
When I scanned it I told Avast to put it in the Chest. But I can’t find anything about any Chest and now Avast no longer flags it as a virus even though it is still present in the directory.
Also I ran those two online scanners and now they say different things from before. Apparently putting that file in the Chest did something to it.
BTW, I have an easy way to test Java online and it still works as it is supposed to, so I don’t believe putting the file in the Chest has caused a problem.
How do I find this “Chest” and remove stuff from it?
There is no rush to delete anything from the chest, they can’t do any harm there. Anything that you send to the chest you should leave there for a week or two. If after that time you have suffered no adverse effects from moving these to the chest, scan them again (inside the chest) and if they are still detected as viruses, delete them.
Putting the file in the chest will effectively stop access to it so it can’t be scanned by an on-line scanner.
Hi rcktexas :
Which Sun Java package do you have ? It does NOT
appear to be "J2SE Runtime Environment 5.0 Update 7"
which is the latest available from www.java.com/en .
On many antiSPYWARE forums it is recommended to
COMPLETELY remove ( uninstall, etc ) all outdated
versions of Sun's Java because they are susceptible to
many malware, particularly the Virtumonde "infection" .
I currently have Java 2 Platform Standard Edition 5.0 Update 2.
I tried to install the latest version of Java a few months back after removing the old one, but there was an install bug with Win2K. Sun acknowledged the bug. Fortunately I had made a clone of the disk so I swapped it to recover.
I rarely use Java so it’s no big deal to me which update I have.
BTW, the actual class file that Avast was fussing about is:
\javainstaller\InstallerApplet.class
Earlier I gave you just the archive filename.
It would appear that Avast went into the ZIP archive and removed the offending class file to the Chest and left all the rest alone. Clever of Avast to do that.
I tested Java and it still works OK, so all’s well that ends well. If I run into a problem later I will try to install the latest edition. Maybe by then the installer will work.
I rarely use Java so it's no big deal to me which update I have.
The big deal is when the updates are for security reasons, so perhaps it is time to take another image of your disk and try again.