Hi iflog,
If you are still experiencing this problem, let's calm down, take one step at a time, and make a game plan for resolving your problem. It is important that you understand that if this is a real threat identified by Microsoft Security Essentials (MSE), it is very important that you quarantine and eliminate the threat immediately.
Assess the threat: Identify the nature of the threat
Exploit:Java/CVE-2011-3544.B is malware that affects Java and its related systems. Because Java is platform independent, and can function in nearly all mainstream operating systems, these threats can be extremely severe. This one, in particular, is capable of infecting both Windows and Linux workstations and servers, and is not limited to the Sun Java in your Windows computer. The malware exploit was assessed to impact computers with IBM Java, Oracle Java, and most systems that have any version or derivative of Java 1.6.0* installed, Avaya VoIP systems, Apple Mac OS X, and so on were all at risk. Sun Systems released a patch to prevent the Java exploit in October and many OS vendors distributed this information to their customers. So severe and common is this one, that the U.S. Department of Homeland Security NIST rated the severity of this exploit to be 10.0 for both impact and exploitability.
"Allows unauthorized disclosure of information; Allows unauthorized modification; Allows disruption of service." - NIST, Department of Homeland Security website 10/2011
This is a major security penetration of your system that is easy for an attacker to use. In some cases, it will appear as a variant or fake anti-virus or anti-malware product.
Isolate, quarantine, and eliminate the exploit
MSE cannot handle the removal of the problem without the latest definitions and software. To further understand this, please consult with the
Microsoft Malware Protection Center regarding Java/CVE-2011-3544.B.
Make sure that both the signature definition database and the engine for Microsoft Security Essentials is up-to-date. If you have no idea how to do so, Link Removed due to 404 Error again, and begin to update the definitions from within the software.
- This step will help determine that the threat identified by MSE is legitimate and not a false positive.
- This thread may completely eliminate the threat from your system or eliminate the files creating the threat.
- If you still cannot eliminate the threat, it is time to call further software into action.
Eliminating the Threat in Safe Mode
If Microsoft Security Essentials cannot eliminate the threat, consider running MSE from Safe Mode. You can access your computer in Safe Mode, by restarting the computer, and repeatedly hitting the F8 key before the Windows logo screen appears on your computer. From the menu, select Safe Mode. Run MSE again and perform a complete scan of your system. There are contingencies if this does not work.
Download Malwarebytes
Install the software and run a full scan
Eliminate all threats that are found
Run MSE again.
OR
Microsoft Standalone System Sweeper Beta | Microsoft Connect
If All of the Above Steps Fail...
Malwarebytes will operate with Microsoft Security Essentials without any compatibility problems. If this does not solve the issue, uninstall MSE and replace it with a commercial anti-virus solution. I professionally recommend ESET Smart Security as a full solution without question. We sponsor this software at Windows7Forums.com specifically because of its detection rate, its advanced heuristics, and its enormous reliability.
Update Java Now and Keep it Automatically Updated
First, do yourself a favor with Java. Go to Start -> Search -> Java
In 64-bit Windows, it will come up in the Windows Search Index as Java (32-bit). Go ahead and open this up, go to the Update tab, and select Notify me: Before Installing.
Then, make sure the box for Check for Updates Automatically is flagged as selected.
Click on Advanced, and set the update check frequency to weekly or daily instead of monthly, and choose a time when you believe your computer will be on, but unlikely to be in use.
I highly recommend this so that you can prevent the possibility of Java exploits infiltrating your system again.
A lapse in timely updates being applied was likely a major contributor to this problem.
Delete Java's Temporary Internet Files under the same section in the General tab.
Make sure you are running the latest version of Java.
Under Java -> General -> About get your version information.
Today, on February 12, 2012, that version is Version 6 Update 30 (1.6.0_30-b12). That will likely change very soon, and in many cases, as soon as the next exploit is discovered.
Resources:
Link Removed - Invalid URL
