Java Updater False Positive


Bastionpoint Technology

Hi -- I had MBAM block javacpl.exe this morning, identifying the 'Trojan.Dropper' also -- is this related?

I had Trojan dropper today in Java and also in System Restore when I've scanned early this afternoon. System Restore is a false positive as well?


I started scanning around lunchtime. It was updated then. Took 4 hrs to scan, so I guess I need to update it again to stop the false positive. Below is what came up:

Files Infected:

c:\program files\common files\Java\java update\jaureg.exe (Trojan.Dropper.pws) -> Quarantined and deleted successfully.

c:\program files\Java\jre6\bin\javacpl.cpl (Trojan.Dropper.pws) -> Quarantined and deleted successfully.

c:\program files\Java\jre6\bin\javacpl.exe (Trojan.Dropper.pws) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP58\A0007511.cpl (Trojan.Dropper.pws) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP58\A0007512.exe (Trojan.Dropper.pws) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP58\A0007566.cpl (Trojan.Dropper.pws) -> Quarantined and deleted successfully.

c:\system volume information\_restore{b37680b2-ba0a-4e5d-bf30-83e44c588624}\RP58\A0007582.rbf (Trojan.Dropper.pws) -> Quarantined and deleted successfully.

c:\WINDOWS\SYSTEM32\javacpl.cpl (Trojan.Dropper.pws) -> Quarantined and deleted successfully.


No need to do a full scan. Just navigate to the folder - c:\program files\Java\jre6\bin\

Right click on it and have MBAM scan it.

Now that I see your log, there's no need to do the scan. I can confirm it's the same false positive which we fixed earlier.

Thanks a lot. Could you tell me what the system restore is and that's a f.p. as well along with the dropper in the windows?


Archived

This topic is now archived and is closed to further replies.
