The file JAVASUN.EXE is a computer worm.
The worm JAVASUN.EXE is a self-replicating malicious program,
which uses a computer network to send copies of itself to other computers.
You must fix the JAVASUN.EXE problem as soon as possible!
Delete the file JAVASUN.EXE from all infected computers in your network.
Set up your network firewall against JAVASUN.EXE intervention.
Malware Analysis of JAVASUN.EXE
Full path on a computer: %Appdata%\Java\javasun.exe
Detected by UnHackMe:
JAVASUN.EXE
Default location: %Appdata%\Java\javasun.exe
Removal Results: Success
Number of reboot: 1
JAVASUN.EXE is known as:
Worm.Shakblades, Worm.Shakblades.Vi.E+fTHGSE, Trojan.DownLoader10.50962, Worm.Rebhip.A, Worm.Shakblades, W32.Trojan.TNRN-0081, TScope.Trojan.VB, Win32.Ainslot.AA, PE:Trojan.VBInject.1.64FE, W32.Shakblades.QZA.worm, Worm.Pakes.BQC, Worm.Shakblades.abn
JAVASUN.EXE hash:
- MD5: 36cabf1a19f690dc3c78f7a66763abdc
How to quickly detect JAVASUN.EXE presence?
![]( "Registry")
Registry:
![]( "Folders")
Folders:
![]( "Files")
Files:
Registry:- HKLM\Software\Microsoft\Active Setup\Installed Components\{H6C788E7-Y381-AOB2-J2G7-8C82412UHM88}\StubPath: “%Appdata%\Java\javasun.exe”
- HKLM\Software\Microsoft\Windows\CurrentVersion\policies\Explorer\Run\Java sun: “%Appdata%\Java\javasun.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\Run\Java sun: “%Appdata%\Java\javasun.exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Java sun: “%Appdata%\Java\javasun.exe”
Folders:- %Appdata%\Java
Files:- %Appdata%\Administrator-wchelper.dll
- %Appdata%\Java\javasun.exe
- %Temp%\Administrator7
- %Temp%\Administrator8
- %Startup%\javasun.exe