Windows 7 Forums

Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Rootkit attempts though java update. Requesting patching help.

13 Apr 2012   #1
vpwin7

Windows 7 Home Premium x64
 
 
Rootkit attempts though java update. Requesting patching help.

Excuse typo in title.

On occasion I receive a java update notification. The updater is completely legitimate from what I can tell, however I do not have an update available. I have downloaded the latest version of Java manually, and when granting this other Java update permission Microsoft Security Essentials(MSE) states that there is a rootkit/trojan in a java install file, in my temp folders.

This Java update appears at the most random times, yesterday I was watching Hulu and it popped up. Just before this post I had uninstalled Java 6 Update 22 as I already have manually installed Java 7 installed. I'm wondering if this was likely a fake Java installation or a problem installation and if there is a good chance I got the bug, or is there something more specific I should look for besides typical virus sweeps?


My System SpecsSystem Spec
.
13 Apr 2012   #2
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi vpwin,

Does MSE specify which rootkit?

Lets take a deeper look at this. Please download and run this tool, and then post back the results:

How to remove malware belonging to the family Rootkit.Win32.TDSS (aka Tidserv, TDSServ, Alureon)?

Regards,
Golden
My System SpecsSystem Spec
13 Apr 2012   #3
Roderunner

Win7 H.Prem. 32bit+SP1
 
 

I use this instead of the normal Java. Never had any trouble. Java.pdf


My System SpecsSystem Spec
.

13 Apr 2012   #4
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Quote   Quote: Originally Posted by Roderunner View Post
I use this instead of the normal Java. Never had any trouble. Attachment 207080
Do you mean instead of AdobePDF? OP is having an issue with Java.

Regards,
Golden
My System SpecsSystem Spec
13 Apr 2012   #5
Roderunner

Win7 H.Prem. 32bit+SP1
 
 

Quote   Quote: Originally Posted by Golden View Post
Quote   Quote: Originally Posted by Roderunner View Post
I use this instead of the normal Java. Never had any trouble. Attachment 207080
Do you mean instead of AdobePDF? OP is having an issue with Java.

Regards,
Golden
No, its about Java.
My System SpecsSystem Spec
13 Apr 2012   #6
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Ahh. My mistake, the link opened up in my NitroPDF and for some reason I though your attachement was the link to Nitro
My System SpecsSystem Spec
13 Apr 2012   #7
Roderunner

Win7 H.Prem. 32bit+SP1
 
 

Quote   Quote: Originally Posted by Golden View Post
Ahh. My mistake, the link opened up in my NitroPDF and for some reason I though your attachement was the link to Nitro
A good lesson has just been learned to being more careful in the future.
Happy Safe surfing.
My System SpecsSystem Spec
13 Apr 2012   #8
vpwin7

Windows 7 Home Premium x64
 
 

Quote   Quote: Originally Posted by Roderunner View Post
I use this instead of the normal Java. Never had any trouble. Attachment 207080
That is actually what I did awhile ago and I continued to get false update notices. I didn't uninstall other Java entries though since I figured it would overwrite them. After finding an older version of Java today in my control panel I uninstalled it; the fact that it was there seemed a little odd to me.

I haven't had any update pops lately but it only occurs every once in awhile and they're never legitimate.

Additionally, all scanners come clean. I only get alerts if I were to accept the Java update. I'm looking mostly for preventative measures. But since you suggest manually updating Java, I probably already chose the right path.
My System SpecsSystem Spec
13 Apr 2012   #9
Golden
Microsoft MVP

Windows 7 Ult. x64
 
 

Hi,

Depending on the rootkit, you might have to do a little more work to ensure your system isn't compromised. Did MSE name the rootkit in question?

Some background reading:

https://en.wikipedia.org/wiki/Rootkit

Regards,
Golden
My System SpecsSystem Spec
14 Apr 2012   #10
Borg 386

Win 7 32 Home Premium, Win 7 64 Pro, Win 8.1, Win 10
 
 

Although the updater may LOOK legitimate, you still have to be careful. Virus writers take great care to craft things to look almost exactly like the real thing. If you know your system is up to date, it would be best to ignore these updaters. Any time you see an updater pop up, it's a good idea to go to the companys website & confirm they have indeed updated their software.

It might be a good idea for you to uninstall Java & then re-install it. Make sure you get it from the Java site and not another website offering it as a d/l.

There are several rootkit scanners available:

GMER - Rootkit Detector and Remover

Anti-rootkit utility TDSSKiller

Be sure to research the items the software finds as mistakes do happen & you can end up crippling your PC. The best thing would be to make a system image before you run these and delete any files.

Backup Complete Computer - Create an Image Backup
My System SpecsSystem Spec
Reply

 Rootkit attempts though java update. Requesting patching help.




Thread Tools





Similar help and support threads
Thread Forum
Multiple failed Windows Update attempts, error 8024200D file KB2836502
Hello all! This is my first post to this forum and, I must say, after perusing a few posts I'm excited to post my question. It looks like this is a great community. I recently reformatted my computer due to intermittent crashes during resource intensive application sessions. The crashes have...
Windows Updates & Activation
Computer attempts the same update on every shutdown
Hi, For the last months i have been having this problem when shutting down the system. It says i have an update and it attempts to update while taking quite a while it seems to complete and then the system goes off. However, next time i shut the computer down i have the same update which is...
Windows Updates & Activation
Where is the Java Update tab in the Java Control Panel?
I've been doing some reading about Java and how it relates to system security and vulnerability. Been thinking about removing it altogether, but not ready to do that just yet. I would at least like to make sure my Java is set to check for updates every day. However the Update tab is missing from...
Software
Java Update-Now I get a security warning for programs that run java
Updated Java to v7 Update 11, websites that use java are coming up with a security warning asking if I want to run this application? It says: An application from the location below is requesting permission to run. Location: www.time.gov/.../java Then I have to click "Run" so the program will...
General Discussion
Endless Update Attempts On PC Shutdown
Hello, Every time I shut down the PC, Windows 7 tries to install 9 updates. Next day, when I shut down again, I find it is again trying to install 9 updates. It keeps doing this over and over, forever. Yesterday, the number went up to 11. It looks like something causes the update procedure to...
Windows Updates & Activation

Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 08:12.

Twitter Facebook Google+



Windows 7 Forums

Seven Forums Android App Seven Forums IOS App