Trojan.Maljava

Trojan.Maljava is a harmful Trojan that will force itself into your computer. Aside from using anti-virus protection, it is also important to avoid the other sources of this Trojan described on this page.

Trojan.Maljava is a detection developed to identify harmful Java files. The Trojan will attempt to infect a computer by exploiting one or more software and system weaknesses. It can invade a target computer in various ways. Through JavaScript files hosted on malicious web sites, it attacks defenseless visitors. Trojan.Maljava also spreads via spam email messages, instant messenger applications and peer-to-peer connections.

Damage Level: High

Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7

Characteristics
Once a user executes a copy of Trojan.Maljava, it will drop several files. Depending on the variant, the infection may lead to different computer abnormalities that range from mild to severe. Some of the most common effects on a system are as follows.

  • Internet browser redirection to explicit web sites
  • Disabled security applications particularly antivirus and firewall applications
  • Mass sending of spam email messages utilizing the compromised system as SMTP server
  • Clogged network and Internet traffic due to Trojan activities
  • Constant pop-up of advertisements when computer is online
  • Search results are redirected to unknown web pages
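
The spam-relay symptom in the list above can be checked from the output of netstat -ano. The following is an added example, not part of the original guide: the sample output is constructed, and the cut-off of three distinct mail servers per process is an assumption chosen for illustration.

```python
from collections import defaultdict

SMTP_PORTS = {25, 465, 587}  # SMTP, SMTPS, mail submission

# Constructed sample of `netstat -ano` output (documentation address ranges).
SAMPLE_NETSTAT = """\
Active Connections

  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       884
  TCP    192.168.1.20:49210     203.0.113.10:25        ESTABLISHED     3120
  TCP    192.168.1.20:49211     203.0.113.77:25        SYN_SENT        3120
  TCP    192.168.1.20:49212     198.51.100.5:25        ESTABLISHED     3120
  TCP    192.168.1.20:49213     198.51.100.9:25        SYN_SENT        3120
  TCP    192.168.1.20:49300     192.0.2.44:443         ESTABLISHED     2044
  TCP    192.168.1.20:49301     192.0.2.50:587         ESTABLISHED     1500
  UDP    0.0.0.0:5355           *:*                                    1100
"""

def smtp_peers_by_pid(netstat_text):
    """Map each PID to the set of remote hosts it contacts on an SMTP port."""
    peers = defaultdict(set)
    for line in netstat_text.splitlines():
        fields = line.split()
        # TCP rows have exactly five fields: proto, local, foreign, state, PID.
        if len(fields) != 5 or fields[0].upper() != "TCP":
            continue
        _, _, foreign, state, pid = fields
        if state not in ("ESTABLISHED", "SYN_SENT") or not pid.isdigit():
            continue
        # rpartition keeps IPv6 literals such as [::1]:25 intact.
        host, _, port = foreign.rpartition(":")
        if port.isdigit() and int(port) in SMTP_PORTS:
            peers[int(pid)].add(host)
    return dict(peers)

def suspicious_pids(netstat_text, threshold=3):
    """PIDs talking SMTP to `threshold` or more distinct hosts (assumed cut-off)."""
    peers = smtp_peers_by_pid(netstat_text)
    return sorted(pid for pid, hosts in peers.items() if len(hosts) >= threshold)

if __name__ == "__main__":
    for pid in suspicious_pids(SAMPLE_NETSTAT):
        print("PID %d: outbound SMTP to several mail servers" % pid)
        print('  identify it with: tasklist /FI "PID eq %d"' % pid)
```

A mail client normally talks to one or two configured servers, so a single process opening SMTP connections to many unrelated hosts is worth identifying before the scan steps later on this page.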

The most harmful type of this Trojan is the variant that contains a backdoor function. This kind of threat will open a doorway on the infected computer to allow a remote attacker to gain full access. With this line open, the attacker may perform several harmful actions, including the following.

  • Download more threats onto the compromised PC
  • Steal sensitive information such as user names and passwords
  • Monitor Internet activities
  • Log key presses and save the data to a text file
  • Connect to a remote host and update the configuration file of the Trojan
  • Gather essential data like computer name, operating system version, network setup, and hardware/software details

Distribution
Trojan.Maljava refers to a family of threats with a range of functionalities. They differ in method of propagation. Some variants use spam email messages to persuade users to open the attached script. Most of these emails carry fake notices about airline tickets and holiday greetings.

Some variants of the Trojan rely on unsecured file downloads. Peer-to-peer network connections are among the favorite channels of Trojan.Maljava. It uses this distribution method to target victims who are casually looking for free software downloads. The Trojan may disguise itself as popular software, program updates or program patches.

How to Protect Computer From Trojan.Maljava

Use security programs:
- Install a legitimate anti-virus program and make sure that it has the most recent updates.
- Use a firewall to block all unwanted incoming Internet traffic.
- It is advisable to install an anti-malware program with real-time protection that does not conflict with the installed AV program.

An updated antivirus program can detect and contain Trojan.Maljava. In the image below, you can see that Symantec Antivirus was able to quarantine the Trojan. It is placed in a safe location where it can no longer be executed.

[Image: Auto-Protect]

Communication Precautions:
- Be cautious when opening e-mail attachments. Spam messages that pretend to be from a known source may contain infected attachments.
- Never click on a suspicious link sent through instant messaging programs.

How to Remove Trojan.Maljava

1. Temporarily Disable System Restore (Windows Me/XP).
2. To be able to identify even the most recent variant of Trojan.Maljava, open your antivirus application and update the virus definition file.

3. Start Windows in Safe Mode with Networking.
- From a power-off state, turn on the computer and press F8 on your keyboard repeatedly.
- Your computer will display the Windows Advanced Boot Options menu. Select Safe Mode with Networking.
- The system will boot Windows, loading only the necessary drivers and files.

4. Open your antivirus program and run a full system scan. After the scan, delete all infected items. If an item cannot be deleted, place it in quarantine. Once the scan is complete, proceed with the next step.

Scan with Norton Power Eraser:

An additional virus removal tool such as Norton Power Eraser provides deep scanning technology to eliminate other threats not detected by a normal virus scan. Use this tool with extra caution.

5. Go to this link and download Norton Power Eraser.
6. Once the download completes, double-click the file NPE.exe to run the program.
7. It will prompt you with the End User License Agreement. Click on Accept to continue.
8. On the NPE main window, click on Scan. Then select Exclude Rootkit Scan. Click on Continue to proceed.
9. Virus scanning may take some time. After running the scan, NPE will display the scan result.

Important! If there are any detected threats under Suspicious, remove the check mark. Only threats in the Detected category need to be removed at this point. Make sure that you check Create System Restore Point before proceeding with the fix.

10. Now click on Fix to start removing the threats, including Trojan.Maljava remnants if there are any.
11. When done, Norton Power Eraser will restart the computer. After the reboot, it will initialize and display the eliminated threats.
12. You may now close Norton Power Eraser.

Alternative Removal Method for Trojan.Maljava

Option 1: Use Windows System Restore to return Windows to a previous state

If Trojan.Maljava enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a restore point saved before Trojan.Maljava infiltrated the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore; click here to see the full procedure.