Page 1 of 2 12 LastLast
Results 1 to 10 of 12

Thread: Java and spybot

  1. #1
    Junior Member
    Join Date
    Feb 2013
    Posts
    6

    Default Java and spybot

    Hello, sorry if I'm posting in the wrong sub-section. Just a few days ago while running a java update though my desktop toolbar I encounted teatimer saying that there was something wrong with the java update. It stated that spybot search and destory encountered a problem and terminated a process callled javaw.exe. It identified this as Perfectkeylogger. As I have been searching through the forums I have found two threads stating that this may be a false positive however these threads are quite old. Anyways is there anyway i can confirm this is a false positive or is this something I need to worry about.

    Thanks for the help.

  2. #2
    Translator Team bbnetwork's Avatar
    Join Date
    Feb 2012
    Location
    Germany- Saxony
    Posts
    595

    Default

    Hello

    How did you get this Java-Update, have you been downloading it from java.com or did it come through the Java-Updater?

    Which Version of Java did you try to install?



    לשונות רעות שנפגעו שלוש פעמים: למי שמדבר, שדברו עליהם ומי שמקשיב.

    שלום

  3. #3
    Member of Team Spybot tashi's Avatar
    Join Date
    Oct 2005
    Location
    USA
    Posts
    30,955

    Default

    Hello Carrot1,

    Also,
    Quote Originally Posted by Carrot1 View Post
    As I have been searching through the forums I have found two threads stating that this may be a false positive however these threads are quite old. Anyways is there anyway i can confirm this is a false positive or is this something I need to worry about.
    How to report Possible False Positives

    Best regards.
    Microsoft MVP Reconnect 2018-
    Windows Insider MVP 2016-2018
    Microsoft Consumer Security MVP 2006-2016

  4. #4
    Junior Member
    Join Date
    Feb 2013
    Posts
    6

    Default

    Quote Originally Posted by bbnetwork View Post
    Hello

    How did you get this Java-Update, have you been downloading it from java.com or did it come through the Java-Updater?

    Which Version of Java did you try to install?
    It came through the java updater on my desktop toolbar. The version was Java 6 Update 39.

  5. #5
    Junior Member
    Join Date
    Feb 2013
    Posts
    6

    Default

    * Operating System (Windows XP Professional, Windows 7 ,etc.) Windows XP
    * Browser and Version (Internet Explorer 9, FireFox 10, Opera 11.61 etc.) Firefox 18.0.1
    * Version of Spybot S&D and date of the latest update Spybot version 1.6.2.46 last updated 30/01/2013
    * where did the false positive occur
    o Scan result
    o after fix
    o Spybot message at start of scan
    o Teatimer message when a program was executed Occured when running a java update through my desktop toolbar. It terminated Prefectkeylogger in javaw.exe
    o not reachable/restricted website
    o SDHelper popup
    o right click scan result

    I was updating to java 6 update 39. This has never happened to me before and I just wanted to be double sure that I didn't have a keylogger on my computer. If I don't could you please inform me and thanks for all the help.

  6. #6
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    Please do a full scan with Spybot S&D.
    If it does not find any supposed to be Java files this is probably a TeaTimer FP.
    If there is still doubt please send in the files in question to detections@spybot.info, please remember to link this thread in your email.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  7. #7
    Junior Member
    Join Date
    Feb 2013
    Posts
    6

    Default

    I just did a full scan and nothing was found however teatimer deleted javaw.exe and on the day of the incident. Do you want me to try update java again and then do a full scan?
    Last edited by Carrot1; 2013-02-11 at 11:45.

  8. #8
    Senior Member Yodama's Avatar
    Join Date
    Oct 2005
    Location
    Buchenheim
    Posts
    1,110

    Default

    If you are using Java you should update it, since exploits are actively used.
    In that case please redo the full scan.

    Very few websites use Java, so disabling it in the browser is recommended.

    Some software like the Eclipse IDE or LibreOffice do use the Java Runtime Environment (JRE). If you do not have any software requiring the JRE, it is safer to uninstall it.
    born in the shadow to die in the shadow, that is the fate of the shinobi

    Spybot S&D Downloads

    Please help us improve Spybot and download our distributed testing client.

  9. #9
    Junior Member
    Join Date
    Feb 2013
    Posts
    6

    Default

    Quote Originally Posted by Yodama View Post
    If you are using Java you should update it, since exploits are actively used.
    In that case please redo the full scan.

    Very few websites use Java, so disabling it in the browser is recommended.

    Some software like the Eclipse IDE or LibreOffice do use the Java Runtime Environment (JRE). If you do not have any software requiring the JRE, it is safer to uninstall it.
    Just reinstalled java 6 update 39 and spybot found nothing. Does this confirm that it was a false positive? I just want to know that I don't have a keylogger and if I did would teatimer had got rid of it?

    Thanks for all the help btw.

  10. #10
    Translator Team bbnetwork's Avatar
    Join Date
    Feb 2012
    Location
    Germany- Saxony
    Posts
    595

    Default

    Quote Originally Posted by Carrot1 View Post
    Just reinstalled java 6 update 39
    May i ask, why you did not install the latest Version of Java (Jave 7 update 13) since it will include newer fixes.

    If the full scan did'nt find anything, i would say, its almost sure, its a false-positiv.

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •