Go Back   Tech Support Forum > Security Center > General Computer Security

deploy.jar

This is a discussion on deploy.jar within the General Computer Security forums, part of the Tech Support Forum category. After receiving GREAT support from this forum when my computer was infected, I started using online-armor. I am getting to


Closed Thread
 
Thread Tools Search this Thread
Old 09-15-2010, 08:31 AM   #1
Registered Member
 
Join Date: Aug 2010
Posts: 89
OS: Vista when I ran safe mode it said service pack 2



After receiving GREAT support from this forum when my computer was infected, I started using online-armor. I am getting to know it, I think as it gives me messages about what is requesting access.
However, I do not know enough to answer some of its questions.
For example, right now it is asking about deploy.jar wanting to use windows\system32\svchost.exe (Process ID=1668)
Is there a place for me to reference what I should be allowing and what I should not be allowing? Or a way for me to determine what is OK or not?

Thanks so much for all of your help, as I learn to maintain my computer better!!
Deborah

__________________
Deborahjm is offline  
Old 09-15-2010, 10:37 AM   #2
Management Team, Security Center & TSF Academy
Expert Analyst, Moderator, Security Team
Rangemaster, Moderator, TSF Academy
 
tetonbob's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 50,008
OS: XP Pro; XP Home; Win7 x86 & x64



Hi -

Are you trying to update your Java when you receive this message? If so, you can allow it. Or, are you using some other application which uses Java?

The biggest thing to consider when training a new firewall is to be aware of what applications are running at the time of a message from the firewall. If you're running a known safe application and receive a message, it's generally ok to allow.

For more help, try this online help page for Online Armor

http://www.tallemu.com/webhelp3/Popups.html

Or, the Online Armor support forums.

http://support.online-armor.com/

__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of UNITE since 2006

tetonbob is offline  
Old 09-15-2010, 02:35 PM   #3
Registered Member
 
Join Date: Aug 2010
Posts: 89
OS: Vista when I ran safe mode it said service pack 2



Hi
I was on the internet, which is what made me nervous, I was updating iTunes.

I will read the places you gave me the links to read for more information.

Thank you
Deborah
__________________
Deborahjm is offline  
Old 09-15-2010, 02:47 PM   #4
Management Team, Security Center & TSF Academy
Expert Analyst, Moderator, Security Team
Rangemaster, Moderator, TSF Academy
 
tetonbob's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 50,008
OS: XP Pro; XP Home; Win7 x86 & x64



I don't use iTunes, but from a quick look around, it seems like it has a Java based component, which might account for the alert. Did it give the exact location of the deploy.jar file?
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of UNITE since 2006

tetonbob is offline  
Old 09-15-2010, 03:02 PM   #5
Registered Member
 
Join Date: Aug 2010
Posts: 89
OS: Vista when I ran safe mode it said service pack 2



First it says:
deploy.jar wants to use another process to access DNS

The process it wants to use is
C:\Windows\system32\svchost.exe (Process ID=1668)

It then says this means:
An unknown program(deploy.jar) is trying to use trusted program (svchost.exe) using LPC Port: \RPC Control\DNSRsolver.
This could result in (deploy.jar) gaining access to the internet through the trusted program.

It does not say anything about where deploy.jar is located.

Thanks
D
__________________
Deborahjm is offline  
Old 09-15-2010, 03:15 PM   #6
Management Team, Security Center & TSF Academy
Expert Analyst, Moderator, Security Team
Rangemaster, Moderator, TSF Academy
 
tetonbob's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 50,008
OS: XP Pro; XP Home; Win7 x86 & x64



Did you deny it access for now? Of course, that's always the safe route when unsure, and I think it may be best now that you've described it in more detail for me. There are legitimate reasons for allowing svchost.exe access to the internet, but without more detail about what application is calling it via deploy.jar, you're right to be cautious.

Can you perform a search of the machine for deploy.jar ? Note, a search may not find anything, anyway.

Still and all, it may be best to ask the folks at Online Armor to help you.
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of UNITE since 2006

tetonbob is offline  
Old 09-15-2010, 04:47 PM   #7
Registered Member
 
Join Date: Aug 2010
Posts: 89
OS: Vista when I ran safe mode it said service pack 2



I first showed hidden folders and then did a search. There were no results. I blocked, and it gave me the very same message.
I did not have 'remember my decision checked, and so it just repeats the same pop up as soon as I click on block.
I was not able to join the forum yet. there was a difficulty with the verification ...there was nothing in the verification box for me to enter for verification, and it won't accept my registration without it.
I have emailed them for help.
I now also have a deploy.jar pop up that wants to start:
C:\Program Files\Bonjour\mdnsNSP.dll
I again unchecked show hidden files and did not find the folder Bonjour
Thanks
Deborah
__________________
Deborahjm is offline  
Old 09-15-2010, 05:16 PM   #8
Management Team, Security Center & TSF Academy
Expert Analyst, Moderator, Security Team
Rangemaster, Moderator, TSF Academy
 
tetonbob's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 50,008
OS: XP Pro; XP Home; Win7 x86 & x64



That message is actually helpful. Bonjour Service is part of iTunes.

http://www.systemlookup.com/search.p...ch=Mdnsnsp.dll

http://www.systemlookup.com/O23/4433...onder_exe.html

http://www.apple.com/support/bonjour/

http://en.wikipedia.org/wiki/Bonjour_%28software%29

That might explain why it's attempting to use the DNSResolver
__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of UNITE since 2006

tetonbob is offline  
Old 09-15-2010, 05:20 PM   #9
Management Team, Security Center & TSF Academy
Expert Analyst, Moderator, Security Team
Rangemaster, Moderator, TSF Academy
 
tetonbob's Avatar

Microsoft Most Valuable Professional
 
Join Date: Jan 2005
Location: Transylvania County, North Carolina, USA
Posts: 50,008
OS: XP Pro; XP Home; Win7 x86 & x64



From your topic which was resolved a few days ago...

c:\program files\Bonjour\mDNSResponder.exe

Bonjour shows in the Installed Programs list.

__________________
Practice Safe Surfing
Because what you don't know, CAN hurt you.
Proud Member of UNITE since 2006

tetonbob is offline  
Closed Thread

Thread Tools Search this Thread
Search this Thread:

Advanced Search

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is on
Smilies are on
[IMG] code is on
HTML code is Off
Trackbacks are Off
Pingbacks are Off
Refbacks are Off


Post a Question


» Site Navigation
 > FAQ
  > 10.0.0.2


All times are GMT -7. The time now is 02:11 AM.


Copyright 2001 - 2014, Tech Support Forum

Windows 7 - Windows XP - Windows Vista - Trojan Removal - Spyware Removal - Virus Removal - Networking - Security - Top Web Hosts