Periodic JAR Trojans quarantined - where from?


Debiant by way of Ubuntu
Since about six weeks ago (been on holidays meantime) I have been getting the following intercepted by my AV - see screenie attached.

This usually occurs whilst I am away from the machine, I think it always has actually. I believe the JAR file is the key and this is a Java Runtime of some sort; my question is if anyone could give me some idea of the origins? Scans of my machine come up clean after the interception so I don't think anything is getting through.

I believe cidaemon is a legitimate service - presumably this trojan is attempting to hijack it?

I run Adaware and Spybot regularly and will post a HijackThis log if anyone thinks it will help.

Any ideas of lines to pursue appreciated - or if anyone thinks my AV is simply doing its job and I should continue without concern, equally useful information.



Debiant by way of Ubuntu
Maybe, and maybe I have been slightly idiotic (well it is a bit early for just the one coffee to kick in!) I am thinking what has happened is I have set my McAfee AV to move the files to a Quarantine folder - as you can maybe see - if the clean fails. What I think has been happening is that periodically for some reason an access is made there and McAfee has been "refinding" the infected files in Quarantine.

I junked my quarantine folder, am rerunning a scan, expect problem to go away after....

If it does not I will resurrect thread.

Still curious where they came from, but will leave that as something better to forget in all probability.

Sorry for wasting anyone's time - but hey, that's what computers do, right? ;)

