Update March 16, 2011.
Argh, once again, they detect java as malware. If you have a large enterprise and every user clicks "Clean", you have a lot of computers with damaged Java. Annoying.Anyway, it is fixed in update 5960. It will not fix the broken java or your nerves but will stop the nagging screens.
November 9/ 2010
ESET Signature 5604 Detection of rt.jar
(can be located at C:\program files\Java\jre6\lib - in C:\program files\Java\jre6\lib\rt\javax\management)
MBeanServer.class
variant of Java/Exploit.CVE-2010-0094.E trojan -- FALSE POSITIVE on signature 5604 (Nov08)
Solution - update your virus definitions: Signature 5605 (Nov09) does not have the same problem
Virustotal for Signature 5604 (old)
http://www.virustotal.com/file-scan/report.html?id=0054fd5d5034e6f176c201a7571d2d32a3ac04b691ba334567587b578dbd40b0-1289332056
File name: MBeanServer.class
Submission date: 2010-11-09 18:05:16 (UTC)
Current status: finished
Result: 1 /43 (2.3%)
NOD32 5604 2010.11.09 a variant of Java/Exploit.CVE-2010-0094.E
Additional informationShow all
MD5 : c3691efe701fac891496ff366fd3a65f
If you deleted the file, you need to reinstall Java
Signature 5605 (new)http://www.virustotal.com/file-scan/report.html?id=0054fd5d5034e6f176c201a7571d2d32a3ac04b691ba334567587b578dbd40b0-1289332056
0/42
The over-reactive signature was made to detect the exploit described below
Metasploit external/source/exploits/CVE-2010-0094/Exploit.java
hi,
ReplyDeletei couldn't update yet, but, i really think it's a false positive.
it deleted an archive of a softwtare of mine, and detected the same "virus" in a backup of 8 months later...
i hope it fixes the problem (detection false positive) in new update... cause it F#@$ed my program...
Java and to some degree .Net are the main choices because they have been consistently pegged as the “safe” choice to go with for mid-level project managers in the corporate world. No one was ever fired for choosing Java or Microsoft.
ReplyDeleteHowever, there are many large distributed applications these days that run primarily with technologies like Python, PHP, et al. Even companies like Google and Yahoo are heavily invested in these technologies. Java may be the main choice for enterprise development now, but it’s days are numbered as the only stalwart option to go with.
Let’s face it, many of these so called “enterprise applications” could easily have been written much faster and with less overhead using technologies like Python, PHP, et al.
open source training