Trojan.Maljava - How to remove?
Trojan.Maljava (Symantec) or Mal/JavaCmC (Sophos) is Java – based Trojan parasite that can target both PCs and Macs. Current Maljava version uses same vulnerability on both platforms, which is allready closed on patched up versions of all OSes. You can get attacked by this trojan if you visit exploit pages, which can be hosted on usually harmless, but infected websites.
If your system is vulnerable to Trojan.Maljava, the trojan will download and execute an executable or Python script (depending on OS version). This script will install a backdoor to your PC, which allows botnet owners to control your PC in the way they wish. The Backdoor trojan, used by Maljava allows accessing CPU, Disk, Memory details and installing/executing new executables, accessing your files and documents. Some of the trojans using this exploit are responsible for redirection and clickjacking like notorious Happili redirect or Flashback Mac trojan. To avoid detection, the malware encrypts the traffic.
The Trojan.Maljava infection is easy prevented by using antivirus and having patched versions of Java and OS. Apple does not provides patches for OS versions below Snow Leopard, so you should upgrade. It is highly advisable to turn Java off if you do not use it as well.
To confirm that you were infected by Trojan.Maljava do following:
- On Apple system, check for the files /Users/Shared/update.sh and /Users/Shared/update.py . These can be deleted safely. You should use antivirus software on Mac as well.
- On PC Scan with anti-malware programs like Spyhunter and check for file ntshrui.dll .
Automatic Trojan.Maljava removal tools
Manual Trojan.Maljava removal
Important Note: Although it is possible to manually remove Trojan.Maljava, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend using TDSSKiller or other tools found on 2-viruses.com.
It is impossible to list all file names and locations of modern parasites. You can identify remaining parasites, other Trojan.Maljava infected files and get help in Trojan.Maljava removal by using TDSSKiller scanner.