IPB

Welcome Guest ( Log In | Register )

 
Closed TopicStart new topic
> HEUR:Exploit.Java.CVE-2012-0507.gen detected, malware has been detected
Rylant
post 7.01.2013 00:13
Post #1


Newbie
*

Group: Members
Posts: 7
Joined: 28.05.2012




So after I came to the computer this morning, I had a Kaspersky message that my computer has been infected with malware. I see that a couple of other people have had similar experiences here, so I think I cleared my Java cache, and here is the screenshot of the report that Rich seems to be asking for. Any help here would be greatly appreciated.

Attached File(s)
Attached File  Kasp_1.JPG ( 119,35K ) Number of downloads: 75
 
Go to the top of the page
 
+Quote Post
richbuff
post 7.01.2013 05:37
Post #2


Are You Kidding?
*****************

Group: Global moderators

Posts: 1000790
Joined: 14.06.2007




Please clear your Java cache: http://www.java.com/en/download/help/plugin_cache.xml

Then go to that location to insure that file is deleted. Then scan again. Any better?


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
Rylant
post 7.01.2013 06:42
Post #3


Newbie
*

Group: Members
Posts: 7
Joined: 28.05.2012




QUOTE(richbuff @ 7.01.2013 04:37) *
Please clear your Java cache: http://www.java.com/en/download/help/plugin_cache.xml

Then go to that location to insure that file is deleted. Then scan again. Any better?


Yep, this seems to have fixed it. Thanks Rich, I appreciate it.
Go to the top of the page
 
+Quote Post
c-lehan
post 13.02.2013 19:09
Post #4


Newbie
*

Group: Members
Posts: 5
Joined: 13.02.2013




QUOTE(Rylant @ 7.01.2013 05:42) *
Yep, this seems to have fixed it. Thanks Rich, I appreciate it.


Hi, I have a similar question (same issue). However, after I clear the cache, the files are still in the Temp folder. A re-scan still produces the same result: the HEUR:Exploit.Java.CVE-2012-0507.gen is detected. Any thoughts? Thank you.
Go to the top of the page
 
+Quote Post
richbuff
post 14.02.2013 04:49
Post #5


Are You Kidding?
*****************

Group: Global moderators

Posts: 1000790
Joined: 14.06.2007




Welcome. Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard)> open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or
png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
c-lehan
post 16.02.2013 05:25
Post #6


Newbie
*

Group: Members
Posts: 5
Joined: 13.02.2013




QUOTE(richbuff @ 14.02.2013 03:49) *
Welcome. Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.

How to take and post screenshot: PrtSc (Print screen) key (upper right part of keyboard)> open Paint (Start > All programs > Accessories) > Edit > Paste, File > Save as (jpeg or
png, Not bmp). When replying, Browse > click once to select file > Open > Upload > add reply.


Hi, Thanks.
After running a scan, Kaspersky states "Threats have been detected" Malware (see jpg_01). My choices are (see jpg_02). The detailed report shows (see jpg_03).
Attached File  jpg_01.jpg ( 53,25K ) Number of downloads: 45
Attached File  jpg_02.jpg ( 67,29K ) Number of downloads: 45
Attached File  jpg_03.jpg ( 42,16K ) Number of downloads: 38
Go to the top of the page
 
+Quote Post
c-lehan
post 16.02.2013 05:30
Post #7


Newbie
*

Group: Members
Posts: 5
Joined: 13.02.2013




Sorry, here's a better view of the detailed report:
Attached File  jpg_04.jpg ( 66,16K ) Number of downloads: 38


edit: del quote.

This post has been edited by richbuff: 16.02.2013 06:54
Go to the top of the page
 
+Quote Post
richbuff
post 16.02.2013 06:55
Post #8


Are You Kidding?
*****************

Group: Global moderators

Posts: 1000790
Joined: 14.06.2007




I can't see the File name, nor Path/Location.

Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
c-lehan
post 16.02.2013 09:51
Post #9


Newbie
*

Group: Members
Posts: 5
Joined: 13.02.2013




QUOTE(richbuff @ 16.02.2013 05:55) *
I can't see the File name, nor Path/Location.

Please post the full, complete detection details. Post screenshot of Reports > Detailed Report > Detected threats.
Right click the Detected bar, and insure Path is selected. Right click the Detected bar again and insure File is selected.
Then post the screenshot with columns widened to show full detected and name and object and path/location details.


Sorry about that. While awaiting a reply, I re-scanned (Full Scan) and the threat is no longer there, so I cannot right-click on anything. Not sure why, since I did nothing other than scan another (4th, I believe) time. This is a good thing, however, I am still unsure if I have an issue or not. I say this because there are no threats displayed under the "Full Scan" but the "Vulnerability Scan" now displays "1 Threat" (see screen capture 1).

And, when I click on the "1 Threat" link, there is nothing in the list except 6 (greyed) Fixed Vulnerabilities (see screen capture 2); the "Vulnerable Applications" tab is empty. Now I am wondering why Kaspersky states "1 Threat" but has no line item entries associated with the threat or details about the threat, so I still do not know if I have an issue or not.

Attached File  Untitled_1.png ( 13,94K ) Number of downloads: 33
Attached File  Untitled_2.png ( 15,03K ) Number of downloads: 34
Go to the top of the page
 
+Quote Post
richbuff
post 16.02.2013 10:55
Post #10


Are You Kidding?
*****************

Group: Global moderators

Posts: 1000790
Joined: 14.06.2007




That has been reported as a graphic user interface (GUI) bug. Keep your application and operating system up to date, and you are all good.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post
c-lehan
post 16.02.2013 20:58
Post #11


Newbie
*

Group: Members
Posts: 5
Joined: 13.02.2013




QUOTE(richbuff @ 16.02.2013 09:55) *
That has been reported as a graphic user interface (GUI) bug. Keep your application and operating system up to date, and you are all good.


Thanks for your help! Any thoughts as to what was originally going on? I don't know if the "HEUR:Exploit.Java.CVE-2012-0507.gen" was truly something dangerous or just something to do with the Java application? I am also curious as to why it could not be eradicated and now is?

The good thing is it looks like my computer is good; I only ask because sometimes a person reads about how some viruses cannot be detected but is appears that Kaspersky is on top of staying up to date.

Thanks again!
Go to the top of the page
 
+Quote Post
richbuff
post 17.02.2013 05:03
Post #12


Are You Kidding?
*****************

Group: Global moderators

Posts: 1000790
Joined: 14.06.2007




You're welcome. My bottom line thought is to make sure that Oracle Java and all else is up to date.

Maybe it was false positive, maybe it took a reboot to get rid of it.


--------------------
Please see the Important topics, located at the top of this section, and at the top of other sections of this forum.
Go to the top of the page
 
+Quote Post

Closed TopicStart new topic

 



Lo-Fi Version Time is now: 20.12.2014 00:57