Infected! False Pos?? What Next?

Discussion in 'ESET Smart Security' started by COSMO26, Jan 23, 2012.

Thread Status:
Not open for further replies.
  1. COSMO26

    COSMO26 Registered Member

    Joined:
    Oct 21, 2003
    Posts:
    404
    C:\Documents and Settings\HP_Administrator\Local Settings\Application Data\Sun\Java\Deployment\cache\6.0\3\3b6b9743-5652708c » ZIP » gwhtackueccyqtyy.class - a variant of Java/TrojanDownloader.Agent.NDJ trojan

    Above String from today's In-Depth On-Demand Scan Log (after Google'ing) doesn't look like a Real Issue BUT what to do next would be appreciated. MBAM Pro is all I've run since this scan and No Issues were found.

    In Explorer the Date of the String ----- same name as above but STOPS before ZIP ---- is 1/2/12 and the Jan 8 & 14 Scans did NOT pick this up -

    Many Thanks!
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    maybe submit to eset and or empty java cache. also check that you are running latest java
     
  3. stratoc

    stratoc Guest

    I got a load of these after last update, hitman and malwarebytes say they're clean. I'm keeping them in quantine till next update, this seems to happen occasionally. mine is same trojan in java data files. Detected on a smart scan.
     
  4. gugarci

    gugarci Registered Member

    Joined:
    Mar 30, 2009
    Posts:
    288
    Location:
    Jersey
    I used to see those occasionally in the past. Change your Java cache settings. Uncheck keep temporary files on your PC under Java/General/Settings.
     
  5. COSMO26

    COSMO26 Registered Member

    Joined:
    Oct 21, 2003
    Posts:
    404
    Thanks to you all.

    I did the Unchk Temp Files on Computer and will see what happens. My "Infected" was Just a Red Line in the Log -No Quarantine of the File - but I haven't been aware of any computer "behavior" changes, anyway.

    The above Deleted the file before I figured out how to put it in a PWd, Zipped folder for ESET.
    Browsing in Tools/Submit for Analysis wasn't do-able as the String stops at \cache\ even with All Files chk'd.

    Thanks again!
     
    Last edited: Jan 24, 2012
Thread Status:
Not open for further replies.