Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Please help, not sure if this is actually a virus or not!


  • Please log in to reply
5 replies to this topic

#1 ninael

ninael

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:47 PM

Posted 17 March 2012 - 02:36 PM

I got this pop up from Microsoft Security Essentials about ten minutes ago, I'd never seen anything from it before, and the pop up said something along the lines of "security essentials detected a possible threat and suspended it", with the option to see the details or clean the computer. I just left it and did a quick scan on malware bytes, nothing came up, so I'm doing a full scan - about halfway through the pop up changed to "microsoft security essentials successfully cleaned your computer", basically I'm just wondering if it's legit or a virus?
If anyone can shed some light on it I'll be really grateful!

BC AdBot (Login to Remove)

 


#2 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:47 PM

Posted 17 March 2012 - 02:38 PM

Can you go into the history tab and copy and paste the results here of the most recent detected threat.

#3 ninael

ninael
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:47 PM

Posted 17 March 2012 - 03:05 PM

Of the security essentials one?
Ok, there are three, all from today, the most recent being TrojanDownloader:Java/OpenConnection.PK.
I've never had any of these notifications before, and I've had three in quick succession, so I'm just a bit hmmm about the whole thing...
thanks :)

Edited by ninael, 17 March 2012 - 03:19 PM.


#4 cryptodan

cryptodan

    Bleepin Madman


  • Members
  • 21,868 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Catonsville, Md
  • Local time:08:47 PM

Posted 17 March 2012 - 03:19 PM

the history tab in Microsoft Security Essentials:

Should be something like this:

Description: This program has potentially unwanted behavior.

Recommended action: Review the alert details to see why the software was detected. If you do not like how the software operates or if you do not recognize and trust the publisher, consider blocking or removing the software.

Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the Allow action and click Apply actions. If this option is not available, log on as administrator or ask the security administrator for help.

Category: Settings Modifier

Get more information about this item online.

#5 ninael

ninael
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:03:47 PM

Posted 17 March 2012 - 03:28 PM

Category: Trojan Downloader

Description: This program is dangerous and downloads other programs.

Recommended action: Remove this software immediately.

Security Essentials detected programs that may compromise your privacy or damage your computer. You can still access the files that these programs use without removing them (not recommended). To access these files, select the Allow action and click Apply actions. If this option is not available, log on as administrator or ask the security administrator for help.

Items:
containerfile:C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\10dbd9c7-15b407dc
file:C:\Users\User\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\7\10dbd9c7-15b407dc->Sefas.class

#6 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,323 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:04:47 PM

Posted 17 March 2012 - 09:54 PM

When a browser runs an applet, the Java Runtime Environment (JRE) stores the downloaded files into its cache folder (C:\Documents and Settings\username\Application Data\Sun\Java\Deployment\cache) for quick execution later and better performance. Malicious applets are also stored in the Java cache directory and your anti-virus may detect them and provide alerts. For more specific information about Java exploits, please refer to Virus found in the Java cache directory.

Notification of these files as a threat does not always mean that a machine has been infected; it indicates that a program included the viral class file but this does not mean that it used the malicious functionality. As a precaution, I recommend clearing the entire cache to ensure everything is cleaned out: Thanks to quietman7

Edited by boopme, 17 March 2012 - 09:55 PM.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users