Guest User!

You are not Sophos Staff.

Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 3 replies
  • Subscribers 6 subscribers
  • Views 1077 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Mal/JavaDldr-B trojan

countryman

A scan of my computer threw up this and placed it in Quarantine manager and I duly cleaned it up.  However on checking what this trojan did, I see that it is a PC trojan.  So I have a couple of questions.

1) Why did Sophos pick this up? 

2) By cleaning up have I now removed a file that is needed to run my Mac...when I need not have cleaned it up ?

This Mac has never had windows running on it.

TIA

:1004299


This thread was automatically locked due to age.
Parents
  • 0

    In addition, Mal/JavaDldr-B detects generic signs of malicious Java-based downloaders.  This will never be part of a required file, as it's detecting explicitly malicious Java-based file downloading code.  The Windows designation is mostly due to the fact that we don't have a "Cross-Platform" designation, and it has only carried Windows-based payloads (so far).

    This detection will almost always show up in your java webcache folder, which never contains anything permanent (the only cache folder I've found that contains anything non-temporary is the Fonts cache, which contains any Font groupings you have made.  All other cache folders* contain temporary data used to speed up the loading of something on your computer and can be deleted with no ill effects*).

    * This is likely to change without much notice, and could already have changed.

    :1004309
Reply
  • 0

    In addition, Mal/JavaDldr-B detects generic signs of malicious Java-based downloaders.  This will never be part of a required file, as it's detecting explicitly malicious Java-based file downloading code.  The Windows designation is mostly due to the fact that we don't have a "Cross-Platform" designation, and it has only carried Windows-based payloads (so far).

    This detection will almost always show up in your java webcache folder, which never contains anything permanent (the only cache folder I've found that contains anything non-temporary is the Fonts cache, which contains any Font groupings you have made.  All other cache folders* contain temporary data used to speed up the loading of something on your computer and can be deleted with no ill effects*).

    * This is likely to change without much notice, and could already have changed.

    :1004309
Children
No Data