HEUR:Exploit.Java.CVE-2012-0507.gen detected, malware has been detected Options

[Rylant]

So after I came to the computer this morning, I had a Kaspersky message that my computer has been infected with malware. I see that a couple of other people have had similar experiences here, so I think I cleared my Java cache, and here is the screenshot of the report that Rich seems to be asking for. Any help here would be greatly appreciated.

Attached File(s)

 Kasp_1.JPG ( 119.35K ) Number of downloads: 43

 

[richbuff]

Please clear your Java cache: http://www.java.com/en/download/help/plugin_cache.xml

Then go to that location to insure that file is deleted. Then scan again. Any better?

[Rylant]

Please clear your Java cache: http://www.java.com/en/download/help/plugin_cache.xml

Then go to that location to insure that file is deleted. Then scan again. Any better?

Yep, this seems to have fixed it. Thanks Rich, I appreciate it.

[c-lehan]

Yep, this seems to have fixed it. Thanks Rich, I appreciate it.

Hi, I have a similar question (same issue). However, after I clear the cache, the files are still in the Temp folder. A re-scan still produces the same result: the HEUR:Exploit.Java.CVE-2012-0507.gen is detected. Any thoughts? Thank you.

[richbuff]

Welcome. Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard)> open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or
png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.

[c-lehan]

Welcome. Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard)> open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or
png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.

Hi, Thanks.
After running a scan, Kaspersky states "Threats have been detected" Malware (see jpg_01). My choices are (see jpg_02). The detailed report shows (see jpg_03).
 jpg_01.jpg ( 53.25K ) Number of downloads: 18
 jpg_02.jpg ( 67.29K ) Number of downloads: 23
 jpg_03.jpg ( 42.16K ) Number of downloads: 21

[c-lehan]

Sorry, here's a better view of the detailed report:
 jpg_04.jpg ( 66.16K ) Number of downloads: 19


_{edit: del quote.}

This post has been edited by richbuff: 16.02.2013 06:54

[richbuff]

I can't see the File name, nor Path/Location.

Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.

[c-lehan]

I can't see the File name, nor Path/Location.

Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.

Sorry about that. While awaiting a reply, I re-scanned (Full Scan) and the threat is no longer there, so I cannot right-click on anything. Not sure why, since I did nothing other than scan another (4th, I believe) time. This is a good thing, however, I am still unsure if I have an issue or not. I say this because there are no threats displayed under the "Full Scan" but the "Vulnerability Scan" now displays "1 Threat" (see screen capture 1).

And, when I click on the "1 Threat" link, there is nothing in the list except 6 (greyed) Fixed Vulnerabilities (see screen capture 2); the "Vulnerable Applications" tab is empty. Now I am wondering why Kaspersky states "1 Threat" but has no line item entries associated with the threat or details about the threat, so I still do not know if I have an issue or not.

 Untitled_1.png ( 13.94K ) Number of downloads: 16
 Untitled_2.png ( 15.03K ) Number of downloads: 16

[richbuff]

That has been reported as a graphic user interface (GUI) bug. Keep your application and operating system up to date, and you are all good.

[c-lehan]

That has been reported as a graphic user interface (GUI) bug. Keep your application and operating system up to date, and you are all good.

Thanks for your help! Any thoughts as to what was originally going on? I don't know if the "HEUR:Exploit.Java.CVE-2012-0507.gen" was truly something dangerous or just something to do with the Java application? I am also curious as to why it could not be eradicated and now is?

The good thing is it looks like my computer is good; I only ask because sometimes a person reads about how some viruses cannot be detected but is appears that Kaspersky is on top of staying up to date.

Thanks again!

[richbuff]

You're welcome. My bottom line thought is to make sure that Oracle Java and all else is up to date.

Maybe it was false positive, maybe it took a reboot to get rid of it.