java update/trojan

[Mazy]

I am using a Vista 64-bit with Chrome browser and have had numerous problems with Java. I am running the 7.5 edition which is the most recent.

I have gotten numerous messages that I need to update. On the java. com page, I am told to run this time or update plug-in. If I choose run this time, I get a message saying java is up-to-date, if I try to update, I am directed right back to the java.com update page.

My chrome plug-ins page continues to tell me I need to download a critical security update, but that link leads me right back to the java download page, and back to the update plugin or run this time option.

I ran Avast scans, boot and custom, which show no issues.

I then ran a virus total scan, which shows I have TROJ_GEN.F47V0813

How do I get this into the vault, and how do I update java without downloading it again? Unfortunately, I have already uninstalled java several times, what kind of damage have I done with that?

[Pondus]

I then ran a virus total scan, which shows I have TROJ_GEN.F47V0813

virustotal does not scan your machine .....but files you upload, what file did you upload

could you give us the link to the scan result ?

[polonus]

Hi Mazy and Pondus,

It is the MS Project Viewer Downloader that is being flagged, but the victim has run another product to detect this.
Does the victim have aditional residential  MS av installed.
Avast should detect this threat (a keylogging spy tool) as  Win32:Adware-gen [Adw],

polonus

[Mazy]

Here are the links. Since I have made so many attempts to install/uninstall the program, I now have numerous copies of java in my download file, and each link below corresponds to each java download -- I can see that they all show the same result. I had removed all the copies with my last update attempt, but I want to wait to figure this out before I start deleting anything:

https://www.virustotal.com/file/4567b26f51c45c8c250d45a35eb3808c1857dd308ad98ed1a393495f1a79e241/analysis/

https://www.virustotal.com/file/4567b26f51c45c8c250d45a35eb3808c1857dd308ad98ed1a393495f1a79e241/analysis/

https://www.virustotal.com/file/4567b26f51c45c8c250d45a35eb3808c1857dd308ad98ed1a393495f1a79e241/analysis/

https://www.virustotal.com/file/4567b26f51c45c8c250d45a35eb3808c1857dd308ad98ed1a393495f1a79e241/analysis/

[Pondus]

all 4 files are identical..as you can see from the SHA256 on top of the VT scan 

and the detection is what we call a False Positve ....from Trend Micro House Call

First seen by VirusTotal
 2012-07-12 19:06:37 UTC ( 1 måned, 1 uke ago )


Sigcheck
publisher................: Oracle Corporation
product..................: Java(TM) Platform SE 7 U5
internal name............: Setup Launcher
copyright................: Copyright (c) 2012
original name............: jinstall.exe
signing date.............: 2:13 AM 6/27/2012
signers..................: Oracle America, Inc.; VeriSign Class 3 Code Signing 2009-2 CA; Class 3 Public Primary Certification Authority
file version.............: 7.0.50.6
description..............: Java(TM) Platform SE binary

[Mazy]

Good to know, no virus. Any idea about what may be causing all these problems getting java to work? I've never had this issue before and I'm at my wits end.

[Pondus]

you may try this .....  http://singularlabs.com/software/javara/

[Mazy]

Thanks. I'll give it a try.