what is "DEPLOYJAVA1.DLL"?

Discussion in 'other software & services' started by siberianwolf, Jul 14, 2010.

Thread Status:
Not open for further replies.
  1. siberianwolf

    siberianwolf Registered Member

    Joined:
    Feb 15, 2009
    Posts:
    516
    is it safe? is it a malware? made a research on it, but couldn't find enough info on it. anyone else seen this or received any alerts via their amw/av/asw regarding this dll?
    thanks
     
  2. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Couldn't find anything? ThreatExpert's got your boys checklist page. If not, find raymond.cc's "DEPLOYJAVA1.DLL (virus)?" thread.
     
    Last edited: Jul 14, 2010
  3. siberianwolf

    siberianwolf Registered Member

    Joined:
    Feb 15, 2009
    Posts:
    516
    i didn't say i couldn't find anything. i said i couldn't find enough info on it. i already checked raymond.cc and there wasn't enough info on it. guys over there couldn't decide whether it's safe or harmful, still debating on it. here:

    http://www.raymond.cc/forum/spyware-viruses/21481-deployjava1-dll-virus-2.html
     
  4. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Consider - no path, no (if any) alerting application, no discovery reference or process list. What sort've response are you awaiting?
     
  5. stackz

    stackz Registered Member

    Joined:
    Dec 27, 2007
    Posts:
    621
    Location:
    Sydney Australia
    If you have Java 6 update 20 or 21, you'll have deployJava1.dll in the system32 directory.
     
  6. siberianwolf

    siberianwolf Registered Member

    Joined:
    Feb 15, 2009
    Posts:
    516
    thanks for the info stackz. :thumb:
     
  7. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    I have Java 6 Update 20 and do not have this in system32.
    Not anywhere on my HDD active partition.
     
  8. Firebytes

    Firebytes Registered Member

    Joined:
    May 29, 2007
    Posts:
    903
    I have Java 6 update 20 and deployjava1.dll does reside in my system32 folder.
     
  9. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Really?
     
  10. prius04

    prius04 Registered Member

    Joined:
    Apr 14, 2007
    Posts:
    1,238
    Location:
    USA
    Ditto with respect to Java 6 Update 21 on 4 different machines - 1 laptop running Vista and 3 desktops running XP SP3 - all have deployjava1.dll in the system32 folder.
     
  11. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    and if it helps a sha-1 hash of that dll on my machine
    0768AD7408E1828F27D86B97503431BE51A2CE3E
     
  12. siberianwolf

    siberianwolf Registered Member

    Joined:
    Feb 15, 2009
    Posts:
    516
    so? i already gave that link in my previous post and as i stated it's still not clear whether this dll is ok or not? let alone the thread @raymond.cc, even here @wilders, noone has yet 100% confirmed whether it's malware or not.
    http://www.raymond.cc/forum/spyware-viruses/21481-deployjava1-dll-virus-2.html#post190513

    so what's your point?
    ------------------------------------------------------------------------
    @prius04 & Cudni:
    thanks for the info.
     
    Last edited: Jul 15, 2010
  13. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Focus, reciprocate. Look through what's been posted and supply participating members with constructive feedback - simple.
     
  14. iluvhp87

    iluvhp87 Registered Member

    Joined:
    Jul 15, 2010
    Posts:
    1
    I need to talk to you GlobalForce about an older topic. I tried messaging you but it said it's not available right now. Can you help me?
     
  15. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Welcome iluvhp87 - good to go! Ya, you've got mail.
     
  16. siberianwolf

    siberianwolf Registered Member

    Joined:
    Feb 15, 2009
    Posts:
    516
    aamof, by the context of the previous reciprocal posts, you should've got what you asked already, but anyway, here you go:
    "path" you asked; well as it's been stated in other guys' post and implicitly confirmed by me, it's all clear that the path is:
    "alerting application" you asked; if there were any, i'd specify that now, wouldn't i.

    "discovery reference" you asked; i just checked ie add-ons by "manage add-ons tab via ie settings" and i saw it there.

    "feedback" you asked; well, all the feedback i could give (which is all i got) is already posted here as of now.
    but thanks anyway.
     
    Last edited: Jul 16, 2010
  17. GlobalForce

    GlobalForce Regular Poster

    Joined:
    Jun 30, 2004
    Posts:
    3,581
    Location:
    Garden State, USA
    Not readily apparent leaves much to assumption. Ambiguity's an approach I doubt many here embrace.
     
  18. siberianwolf

    siberianwolf Registered Member

    Joined:
    Feb 15, 2009
    Posts:
    516
    although it's not a matter of philosophy on what we're talking here, i'll try to be more unambiguous next time, ok? if that'll make you happy. whatever. :rolleyes:
    and you just try not to turn this into a personal matter next time, if you can. thanks.
     
  19. siberianwolf

    siberianwolf Registered Member

    Joined:
    Feb 15, 2009
    Posts:
    516
    and please try to write posts about the topic which are giving accurate info on topic (if you got any) instead of posting about irrelevant things digressing from the topic. believe me, that'll help more than you assume than posting off-topic messages.
     
  20. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    Update:

    I found "deployJava1.dll" in Safe Mode in Windows/System32.
    I wasn't able to find it by looking in Normal Mode, must've been hidden.
    The sha-1 deployJava1.dll didn't match Cudni's sha-1 hash value according to Hashtabs.

    I wonder if Trojan.Fakealert in Unallocated space has anything to do with it?
     
  21. prius04

    prius04 Registered Member

    Joined:
    Apr 14, 2007
    Posts:
    1,238
    Location:
    USA
    Mind posting it?

    FWIW, I got: DAFE1CD145741E40E218FB40FA66BB7D13CEE084
     
  22. Sadeghi85

    Sadeghi85 Registered Member

    Joined:
    Dec 20, 2009
    Posts:
    747
    Mine is: C29D893D775CCA32FA5CD65806867AD963AB356C

    Java 6 update 20
     
  23. yoganaut

    yoganaut Registered Member

    Joined:
    Jan 16, 2010
    Posts:
    5
  24. Searching_ _ _

    Searching_ _ _ Registered Member

    Joined:
    Jan 2, 2008
    Posts:
    1,988
    Location:
    iAnywhere
    @prius04

    I deleted it while in Safe Mode.
    The hash value looks very similar to Sadeghi85's hash value.
    Since i deleted it I can't be positive, and scanning with GMER crashed my system.
    If I have the opportunity, I will see if it's in unallocated space an restore it.
     
  25. Firebytes

    Firebytes Registered Member

    Joined:
    May 29, 2007
    Posts:
    903
    Same here.
     
Loading...
Thread Status:
Not open for further replies.