Hello,
this morning, my Avast blocked jusched.exe because of Win32:Dropper-gen[Drp]. I only want to ask if its serious infection or only false positive, because same virus my Avast found in Warthunder game, and their developers informed us that its false positive and fixed it.
I scanned PC with adwcleaner but it found nothing.
Can you please help me?
I scanned PC with adwcleaner but it found nothing.AdwCleaner just remove crap files from your browsers
this morning, my Avast blocked[b] jusched.exe[/b] because of Win32:Dropper-gen[Drp]. [b]I only want to ask if its serious infection or only false positive,[/b]suspicious files can be tested at one of these locations www.virustotal.com / www.metascan-online.com / www.jotti.org
Ok, i used virustotal for scanning that file and it say: " Probably harmless! There are strong indicators suggesting that this file is safe to use." This means that its false positive?
post link to scan result here
file is new but seems like a OK file to me…
First submission 2014-07-16 00:25:35 UTC ( 1 week, 1 day ago )
CopyrightCopyright (C) 2012 Publisher Oracle America Product Java(TM) Platform SE Auto Updater Original name jusched.exe Internal name Java(TM) Update Scheduler File version 2.1.65.20 Description Java(TM) Update Scheduler Signature verification Signed file, verified signature Signing date 10:38 AM 7/11/2014
Signers [+][b] Oracle America[/b] Status Valid Valid from 1:00 AM 6/8/2013 Valid to 12:59 AM 8/7/2016 Valid usage Code Signing Algorithm SHA1 Thumbrint 9F75A0B14C125F806946AEE6A54E97A1D8C1B9ED Serial number 0A 4F 98 7A 76 9E 4A 35 3B 26 87 8A 3B D3 D3 DE [+] [b]VeriSign Class 3 Code Signing 2010 CA[/b] Status Valid Valid from 1:00 AM 2/8/2010 Valid to 12:59 AM 2/8/2020 Valid usage Client Auth, Code Signing Algorithm SHA1 Thumbrint 495847A93187CFB8C71F840CB7B41497AD95C64F Serial number 52 00 E5 AA 25 56 FC 1A 86 ED 96 C9 D4 4B 33 C7 [+] [b]VeriSign[/b] Status Valid Valid from 1:00 AM 11/8/2006 Valid to 12:59 AM 7/17/2036 Valid usage Server Auth, Client Auth, Email Protection, Code Signing Algorithm SHA1 Thumbrint 4EB6D578499B1CCF5F581EAD56BE3D9B6744A5E5 Serial number 18 DA D1 9E 26 7D E8 BB 4A 21 58 CD CC 6B 3B 4A Counter signers [+] [b]Symantec Time Stamping Services Signer - G4[/b] Status Valid Valid from 1:00 AM 10/18/2012 Valid to 12:59 AM 12/30/2020 Valid usage Timestamp Signing Algorithm SHA1 Thumbrint 65439929B67973EB192D6FF243E6767ADF0834E4 Serial number 0E CF F4 38 C8 FE BF 35 6E 04 D8 6A 98 1B 1A 50 [+] [b]Symantec Time Stamping Services CA - G2[/b] Status Valid Valid from 1:00 AM 12/21/2012 Valid to 12:59 AM 12/31/2020 Valid usage Timestamp Signing Algorithm SHA1 Thumbrint 6C07453FFDDA08B83707C09B82FB3D15F35336B1 Serial number 7E 93 EB FB 7C C6 4E 59 EA 4B 9A 77 D4 06 FC 3B [+] [b]Thawte Timestamping CA[/b] Status Valid Valid from 1:00 AM 1/1/1997 Valid to 12:59 AM 1/1/2021 Valid usage Timestamp Signing Algorithm MD5 Thumbrint BE36A4562FB2EE05DBB3D32323ADF445084ED656 Serial number 00
thank you, can i put it to exceptions then?
You can report it to avast lab as possible False Positive using one of these options…
you may add a link to this topic in case they reply here
You can upload files and report issues to avast here : http://www.avast.com/contact-form.php (select subject according to Your case)
You can use mail
send to virus@avast.com in a password protected zip file
mail subject: False Positive / undetected sample (select subject according to your case)
zip password: infected
or you can send files from avast chest
how to use the chest. http://www.avast.com/faq.php?article=AVKB21
ok i sent it via contact us webpage, thank you for help
if FP they usually fix it quick and i think you shall recive a note when done… or maybe they reply here if you gave a link, check back
I experienced the same notification and confirmed it to be a false positive. https://www.virustotal.com/en/file/305ae678d3163d57c8e027f94bc553fdfde7f9a14599eaec370b0867de4a9ec2/analysis/1406211318/
Thanks to all for the contributions.