MSE identified Exploit:Java/CVE-2010-0840

Discussion in 'Malware Help - MG (A Specialist Will Reply)' started by chezybezy, Apr 15, 2013.

  1. chezybezy

    chezybezy Private E-2

    having a little hickup on one of my laptops (alternate post) so decided to run a virus scan (both currently using "Microsoft Security essentials" since i switched from AVG (was that a bad idea?????)) on other pcs in the house. my mums laptop (32bit Vista HP) identified numerous (100s i think!) files but when i clicked show more (or some such) i was presented with a screen listing only one instance (i wonder if that does NOT mean one file?) with issues.
    i had a quick google and nothing noteworthy appeared so i chose to let the antivirus to remove the 'one' issue.

    The MSE History Log is as follows:


    "Exploit:Java/CVE-2010-0840, Severe, 15/04/2012 23:58, Removed"
    "Items:
    containerfile:C:\Users\NAME\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\2fc1f1cd-19e530c1
    file:C:\Users\NAME\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\2fc1f1cd-19e530c1->been/lipa.class
    file:C:\Users\NAME\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\13\2fc1f1cd-19e530c1->plugin/sportGame.class

    Get more information about this item online."
    NAME = the users login name.

    ---

    i did notice that somewhere online someone said something about outdated java instances, could i be possible that the one instance of java (v6 i think) is what triggered this and is therefore a false positive?

    i removed the older version of java listed in add / remove progs. and have checked if java is up to date (javas own online checker).

    ---

    CCleaner - run. (CLEANING COMPLETE - (104.810 secs)).

    RogueKiller - ran as admin, opened a window so i pressed "Scan" a report was then

    produced, i then just exited the program. (attached)

    Malwarebytes - ran, log file produced apparently no results so i couldn't click remove

    everything as informed to do so. (attached).

    tdsskiller - ran, non found, closed, (attached)

    hitmanpro - ran, did upload a few files for itself to the cloud (were googlebased stuff, gogole voice etc), found nothing, (attached)

    MGTools, ran, was asked to confirm something for hijackthis (i think) looked like a normal disclaimer launched system info window (with bits like refreshing system info windows error reporting adapter etc, these logs were from a zip file dumped on the desktop (attached)
     

    Attached Files:

    Last edited: Apr 15, 2013
    chezybezy, Apr 15, 2013
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You are not having malware problems. Your logs are all clean.

    Exploits are not malware. They are signs of out of date software or scripts for software ( like Java ).

    Since you are not having malware problems, it is time to do our final steps:
    1. We recommend you keep Malwarebytes Anti-Malware for scanning/removal of malware.
    3. Go back to step 4 oof the READ ME and renable your Disk Emulation software with Defogger if you had disabled it.
    4. Go to add/remove programs and uninstall HijackThis. If you don't see it or it will not uninstall, don't worry about it. Just move on to the next step.
    5. If running Vista or Win 7, it is time to make sure you have reenabled UAC by double clicking on the C:\MGtools\enableUAC.reg file and allowing it to be added to the registry.
    6. Goto the C:\MGtools folder and find the MGclean.bat file. Double click ( if running Vista, Win7, or Win 8 Right Click and Run As Administrator ) on this file to run this cleanup program that will remove files and folders related to MGtools and some other items from our cleaning procedures.
    8. Any other miscellaneous tools we may have had you install or download can be uninstalled and deleted.
    10. After doing the above, you should work thru the below link:
     
    chaslang, Apr 18, 2013
    #2
  3. chezybezy

    chezybezy Private E-2

    Thanks for your time and for looking through everything.
    and thankyou for explaining that a result identified in MSE as an exploit are not nasties!
    so i take it that that laptop is all fine?
    many thanks
     
    chezybezy, Apr 18, 2013
    #3
  4. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You're welcome.
    Yes. Just update any out of date software including Windows.
     
    chaslang, Apr 20, 2013
    #4

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds