Jump to content

Search the Community

Showing results for tags 'Java'.

  • Search By Tags

    Type tags separated by commas.
  • Search By Author

Content Type


  • Announcements
    • Malwarebytes News
    • Beta Testing Program
  • Malware Removal Help
    • Windows Malware Removal Help & Support
    • Mac Malware Removal Help & Support
    • Mobile Malware Removal Help & Support
    • Malware Removal Self-Help Guides
  • Malwarebytes for Home Support
    • Malwarebytes for Windows Support Forum
    • Malwarebytes for Mac Support Forum
    • Malwarebytes for Android Support Forum
    • Malwarebytes for iOS Support
    • Malwarebytes Privacy
    • Malwarebytes Browser Guard
    • False Positives
    • Comments and Suggestions
  • Malwarebytes for Business Support
    • Malwarebytes Nebula
    • Malwarebytes Nebula Modules
    • Malwarebytes Endpoint Security
    • Other Malwarebytes Business Products
    • Malwarebytes Business Products Comments and Suggestions
  • Malwarebytes Tools and Other Products
    • Malwarebytes AdwCleaner
    • Malwarebytes Junkware Removal Tool Support
    • Malwarebytes Anti-Rootkit BETA Support
    • Malwarebytes Techbench USB (Legacy)
    • Malwarebytes Secure Backup discontinued
    • Other Tools
    • Malwarebytes Tools Comments and Suggestions
  • General Computer Help and Security Updates
    • BSOD, Crashes, Kernel Debugging
    • General Windows PC Help
  • Research Center
    • Newest Rogue-Ransomware Threats
    • Newest Malware Threats
    • Newest Mobile Threats
    • Newest IP or URL Threats
    • Newest Mac Threats
    • Report Scam Phone Numbers
  • General
    • General Chat
    • Forums Announcements & Feedback

Find results in...

Find results that contain...

Date Created

  • Start


Last Updated

  • Start


Filter by number of...


  • Start





Website URL






  1. I updated to Libreoffice V today. When I tried to select the Java Runtime environment I immediately received the following error in the attached file. I tried to add the file to the allow list but nothing worked. The download was directly from the Libreoffice site at https://www.libreoffice.org/download/download/ . I ave been using LibreOffice for a ling time with no issues.
  2. Hello, all. In the process of making my first route on Trainz using TransDEM, and have followed all the steps in the tutorial, up to the point where i need to open Java OpenStreet Map (JOSM). This, however, is where i ran into an issue, as Malwarebytes is blocking it, saying it's an exploit. Even putting the .jar file on the allow list did not solve this issue. Here is the report below Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/20/20 Protection Event Time: 3:44 PM Log File: e46b0fba-e325-11ea-8374-1c1b0d44956b.json -Software Information- Version: Components Version: 1.0.1003 Update Package Version: 1.0.28789 License: Premium -System Information- OS: Windows 10 (Build 18362.900) CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, C:\Users\Chase Ford\Documents\powershell -Command [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;[System.Net.WebRequest]::Create('https:\roottest-g2.pkioverheid.nl').GetResponse(), Blocked, 0, 392684, 0.0.0, , -Exploit Data- Affected Application: Java Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\Users\Chase Ford\Documents\powershell -Command [Net.ServicePointManager]::SecurityProtocol = [Net.SecurityProtocolType]::Tls12;[System.Net.WebRequest]::Create('https:\roottest-g2.pkioverheid.nl').GetResponse() URL: (end)
  3. I wrote a simple Java program program controlled by a local file which switches my default audio device. The program is quite simple (I wrote it in five minutes), and is not dangerous in any way: import java.io.File; import java.io.FileInputStream; import java.io.FileOutputStream; import java.io.IOException; import java.io.InputStream; public class Main { public static void main(String[] args) throws IOException { File file = new File("C:\\Users\\Peter Orlowski\\switch.txt"); FileInputStream in = new FileInputStream(file); byte[] buffer = new byte[in.available()]; in.read(buffer); in.close(); String s = new String(buffer); Process process; if (s.equalsIgnoreCase("hp")) { FileOutputStream out = new FileOutputStream(file, false); out.write("tv".getBytes()); out.flush(); out.close(); process = Runtime.getRuntime().exec("nircmd setdefaultsounddevice SCEPTRE-TV 1"); } else { FileOutputStream out = new FileOutputStream(file, false); out.write("hp".getBytes()); out.flush(); out.close(); process = Runtime.getRuntime().exec("nircmd setdefaultsounddevice Speaker/HP 1"); } System.out.println("----- PROCESS-OUTPUT -----"); InputStream in1 = process.getInputStream(), err = process.getErrorStream(); while (process.isAlive()) { while (in1.available() > 0) { byte[] b = new byte[in1.available()]; System.out.println(new String(b)); } while (err.available() > 0) { byte[] b = new byte[err.available()]; System.err.println(new String(b)); } } } } I used Launch4J to wrap the program in an executable (exe) file so I could set a custom file icon. Whenever I try this my program, however, Malwarebytes quarantines it as malware. Here is the report: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 11/28/19 Protection Event Time: 9:06 PM Log File: d832e3e4-124c-11ea-8a3d-d0bf9c1cf11c.json -Software Information- Version: Components Version: 1.0.629 Update Package Version: 1.0.13583 License: Premium -System Information- OS: Windows 8.1 CPU: x64 File System: NTFS User: System -Blocked Malware Details- File: 1 MachineLearning/Anomalous.95%, C:\Users\Cardinal System\Desktop\AudioSwitch.exe, Quarantined, [0], [392687],1.0.13583 (end) Is there any way I can stop Malwarebytes from quarantining this? Perhaps there's a whitelist? Maybe I can change something in my code? I have two other Java programs I wrote which are wrapped in executable, and Malwarebytes does not bother them at all...
  4. I'm running Windows Server 2008 with the latest MALWARE BYTES version. I cannot find the way to stop this exploit... Malware.Exploit.Agent.Generic, Java malicious inbound socket detected This continually stops the Ubiquity Controller from functioning correctly. How can I correct this so i cna use MalwareBytes? Right now I have to turn it off for the Controller to work and the latest post that i saw were from 2014. HELP!!
  5. After purchasing Malwarebytes, I noticed my java development environment (playframework) recompile time on code change double from 10s to 20s, despite the dev directory being completely excluded. My morning ritual is now to startup my computer and quit Malwarebytes. This link seems to suggest it is the self-protection module that causes the slowdown. I assume it is the java process that is causing the issue but I don't want to exclude java because I assume java could be unsafe and should be monitored as long as it is not called from my dev directory. (Note that there is another issue here that appears to be a similar issue that support may want to handle at the same time.) How do I have malwarebytes on safely without impact to java compile time under a completely whitelisted directory?
  6. Hi M Community - I put an old desktop I had not used for some time thru a complete scrub. Clean, cept 2 issues which I cannot explain: 1xJava Exploit (2010-0840): Unexpected. Unit had been Java updated regularly. Updated to Version 5.20 (vulnerability patched) back in April 2010. Can java exploits download onto a computer with updated/patched system? Is a java exploit on a patched system harmless? Hitmanpro found inactive remnants of Zeroaccess (registry keys). I once removed a Ukash infection using system restore + AV/MBAM but that was the only active infection I previously found on this computer - nothing else ever found. Why were remnants found of an infection that was never found/removed? HMP responded saying these remnants may have been part of the Ukash but still doesnt explain the remnants... or could the remnants have survived the restore? All input/suggestions welcome...
  7. Malwarebytes flags an exploit event if I try to run/debug a file from the Netbeans IDE that involves spawning the tomcat process. I've flagged all the executables and directories involved under exceptions, and disabled the java protection, yet it still causes an issue. Interestingly, if I kill MB, start the process, then restart MB it's all fine until the next time I restart the IDE - go figure. Any clues on what I can do to prevent this? Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 8/1/17 Protection Event Time: 11:36 AM Log File: Administrator: Yes -Software Information- Version: Components Version: 1.0.160 Update Package Version: 1.0.2482 License: Premium -System Information- OS: Windows 7 Service Pack 1 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [392684],0.0.0 -Exploit Data- Affected Application: cmd Protection Layer: Application Behavior Protection Protection Technique: Exploit payload process blocked File Name: C:\Windows\system32\cmd.exe cmd \C exit \B 0 URL: (end)
  8. My windows 10 computer was suddenly extremely slow and kept freezing after a few minutes after starting up. I noticed that the disc in the taskmanager was at 100% all the time and that thousands of "Java Web Launcher" were running in the background, multiplying untill they hit 8000 and my pc froze. I ran the java uninstaller tool (java was scaring me) in save mode, since my computer was inoperable but the uninstaller failed. Also, I have already reverted back to the only restoration point I had from two days ago, but this didnt resolve the issue. If anyone can help me I would be so grateful.
  9. Hello, I have NVIDIA GPUs in my Windows 10 machine. FYI, when I go to NVIDIA's web site to check if I have the latest drivers, Internet Explorer and Firefox stop working. The errors lead back to MalwareBytes web protection. When I turn it off, the Java works. Is there any way to whitelist this site?
  10. MWAB is not honoring whitelisted websites, and continues to block (business critical) java apps from running on those sites. If web protection is completely disabled, sites work fine. Version: Component Package: 1.0.96 Update Package: 1.0.1666 Windows 10 Enterprise
  11. I keep getting this almost every second: Malwarebytes www.malwarebytes.com -Log Details- Protection Event Date: 1/27/17 Protection Event Time: 9:44 AM Logfile: Java Exploit.txt Administrator: Yes -Software Information- Version: Components Version: 1.0.50 Update Package Version: 1.0.1111 License: Premium -System Information- OS: Windows 10 CPU: x64 File System: NTFS User: System -Exploit Details- File: 0 (No malicious items detected) Exploit: 1 Malware.Exploit.Agent.Generic, , Blocked, [0], [-1],0.0.0 -Exploit Data- Affected Application: Java Protection Layer: Application Behavior Protection Protection Technique: Java malicious inbound socket detected File Name: URL: (end) I am pretty certain this is related to the UniFi controller that I have running on my computer. Need to track it down and get more info then what the report and log in Malwarebytes is providing, to make sure that is the correct program. Also, how come there is no ability to grant an exception when the pop-up comes up?
  12. When searching to play a game, i came across this website. On the landing page (http://www.wurmonline.com/) there was this normal looking play button. This did not seem anything out of normal at all so clicked it. imediately something started downloading on my computer. It felt abnormal to just download without even mentioning it, so i stopped the download. I did a quick search if there was anything malicious related to this site, but no real mentions i found. So my thought was this may be the .exe required to run this game. at this point I think i must have continued the dowload (wurmclient (.jnlp)). From the moment it was on my pc i got this pop-up of an out dated java. the window looked somewhat strange to me with the logo of an alarm that looked dodgy. So, in my taskmanager i looked and the proces was named "Javaws.exe *32". Believe this could be an infection for what i found online. I haven't touched the pop-up yet. what are the steps i have to take now? What information should i provide? Should i alarm this website now somewhere somehow? Excuse my bad english. Thanks much in advantage for any help. P.
  13. We have users running Windows 7 and since updating to Java 8u101 IE 11 crashes when loading applets. If I turn off the Malwarebytes service, all is good. Any know issues I should be aware of? Can I configure an exception for this? (I don't really want to, but if I must...) Regards
  14. I am working on the finishing touches of our policy and have been going down the Administration guide for each single option in the Advanced Ant-Exploit Settings. I know that most users use or have java "Ugh" on their systems. My question is regarding the Java Protection options, Do the below options have a high false positive history, if not is there anything I need to be aware of that they might interfere with on the clients? • Java Malicious Inbound Shell Protection is designed to detect and prevent remote shell exploits whose payloads rely on inbound sockets. • Java Malicious Outbound Shell Protection is tasked with detection and prevention of remote shell exploits whose payloads rely on outbound sockets. • Java Metasploit/Meterpreter Generic Protection is designed to generically detect and prevent attempts to use the Metasploit Java/Meterpreter payload. • Java Metasploit/Meterpreter Command Execution Protection is tasked with detecting and blocking commands in an established Java/Meterpreter session. Running Management Console on Windows Server 2008 R2 Clients connect via VPN Secure Client, using windows 7, 8, 10. Some clients in office, not using VPN. Any tips or tricks on this would be greatly appreciated, I am completely re-engineering my company's systems and network security after the IT vendor failed on every level to do so; while charging an arm and a leg for the failed service "Before I was hired".
  15. The issue I have is that I have been remotely updating a 2 year old laptop that belongs to my fiancee's mother so her son can play Minecraft, She lives in the U.S. and I'm a U.K. resident. Everything was going fine until I noticed the CPU suddenly started hitting 100% and staying there. Here's a list of what I had done before this happened: - Installed Opera browser with adblock. - Updated all Java platforms (32 and 64 bit) including online and offline versions. - Adjusted the performance settings to best performance in advanced settings. - Replaced AVG with Avast which updated and ran an initial scan showing no sign of infection. - Installed, updated and ran malwarebytes which found 7 objects but quarantined them. - Downloaded FTB launcher from Mojang. This ran very well before that. - Downloaded VLC media player (which is where I think I got it from). This is what I have had her do: - Start-up in safe mode. - Uninstall Chrome, VLC and Firefox. - Open up IE and disable and suspicious add-ons. - Uncheck IE from the Windows features. - The javaws.exe32 is not showing up in safe mode. - She is currently running malwarebytes again in safe mode and I intend on getting her to so this a few times. Can someone tell me if there is a way to permanently remove this virus from the system. An issue I have is that this is going to have to occur via written instructions to her or through Teamviewer so I can remotely access her system. Any help would be appreciated. Thanks in advance.
  16. Hi, When using the proxy JonDo, MBAE marks it as an exploit of Java. Here is the website for the service/program. https://anonymous-proxy-servers.net/en/jondo.html Attached you will find my logs. I am using Windows 7 x64 and MBAE version Thanks! Malwarebytes Anti-Exploit.zip
  17. Hi One of my statistical applications - SPSS - has its own JRE. I've attached the processes while SPSS is running. As soon as I close things I get an alert of an exploit blocked - "An exploit code has been blocked in Java". Assuming it must be the way java.exe, javaw.exe shuts itself down. This is certainly a "false positive". Thanks!
  18. I have a gaming java application that is executed from a batch file. When I run it, the shielded applications counter doesn't increment which leaves me concerned. JPCSP download: http://buildbot.orphis.net/jpcsp/ Although I am running 64-bit Windows 8.1, I am running 32-bit JRE and JPCSP. I could also reproduce this on another PC running Windows 7 x64. Malwarebytes Anti-Exploit.zip
  19. Hi there. Occasionally MBAE will throw a false positive when starting the JAP/JonDo proxy. As said, I'm using MBAE, and I'm using JAP/JonDo 00.19.001. This is the URL for the JAP/JonDo project. http://anon.inf.tu-dresden.de/index_en.html I'm using Java Version 7, update 71, (build 1.7.0_71-b14), on Windows 7 64 bit professoinal. This was happening occasionally with MBAE 1.04, but it's still happening with the newest version. Not every time, maybe 15% of the time I start JAP.
  20. Just thought I'd let the folks at Malwarebytes know that the first two times I tried to start my Minecraft server after installing MBAE, MBAE blocked the server's attempt and binding to port 25565 as an exploit attempt. On my third try without making changes, I was able to launch the server. Every following time since then, I have been able to start the server with no problem whatsoever, but I thought I should let you guys know of this. My Minecraft server is not a vanilla server, and uses Spigot (Bukkit derivative) with several plugins.
  21. Hi, Today I scanned my computer and MBAM found javaws.exe and called it a Backdoor.Bot. I'm thinking this is a false positive because a little research said that it was Java Web Start. It is digitally signed by Sun Microsystems, Inc. In the zipped attached you will find the log file and the detected object. The object was found here: C:\Windows\System32\javaws.exe
  22. I am getting clobbered by pop ups even from the malwarebytes site. Can't really access the site due to this problem. Had to get my iPad out to enter this. Constant warnings to update have and windows tools. Never got these warnings before loading this program. My computer is getting worse and worse. Also, I bought the paid program but my program shows trial. I can't even function watching espn due to constant malware bytes warnings and pop ups. This is really bad. I am worse off after buying this as opposed to not having it.i need help. Thank you
  23. Hello, I was trying Spotflux Free VPN software. I got 2 alert from Malwarebytes Anti-Exploit BETA. first one is from installition. Second one is when I want to open Spotflux VPN. It says "Exploit attempt blocked".. What is malicious in Spotflux Free VPN ? Can you infrom me about this issue ? Thanks yigido
  24. Java 2 Platform Standard Edition (J2SE) software is the premier platform for rapidly developing and deploying secure, portable applications that run on server and desktop systems spanning most operating systems. J2SE 6.0 is a significant release including many new features and updates while preserving compatibility and stability. The development of J2SE 6.0 was led by Sun and progressed following the Java Community Process (JCP) to include input from a variety of constituents. Java allows you to play online games, chat with people around the world, calculate your mortgage interest, and view images in 3D. These applications, written in the Java programming language and access from your browse, are called "applets". Corporations also use Java applets for intranet applications and other e-business solutions. Java technology was created as a computer programming tool in a small, secret effort called "the Green Project" at Sun Microsystems in 1991. As it turns out, the Internet was ready for Java technology, and just in time for its initial public introduction in 1995, the team was able to announce that the Netscape Navigator Internet browser would incorporate Java technology. Now, the Java platform has attracted over 5 million software developers, worldwide use in every major industry segment, and a presence in a wide range of devices, computers, and networks of any programming technology. Today, you can find Java technology in networks and devices that range from the Internet and scientific supercomputers to laptops and cell phones, from Wall Street market simulators to home game players and credit cards -- just about everywhere. The best way to preview these applications is to explore java.com, the ultimate marketplace, showcase, and central information resource for businesses, consumers, and software developers who use Java technology. Key features: • Write software on one platform and run it on practically any other platform • Create programs to run within a web browser and web services • Develop server-side applications for online forums, stores, polls, HTML forms processing, and more • Combine Java technology-based applications or services to create highly customized applications or services • Write powerful and efficient applications for mobile phones, remote processors, low-cost consumer products, and practically any device with a digital heartbeat Product Info: Sun Java™
  25. Hi all, When using Eclipse with MBAE installed and running, I tried to run Maven via Eclipse. It was blocked as an exploit. I looked into the Logs, and the exploit was "cmd.exe blocked from executing through Java". The path I used to run Maven was: RightClick on project file-Run As-Maven Install. I ended up temporarily disabling MBAE and then it worked fine. -Joe Warren
Back to top
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.