The Openconnection is a family of Java applet based trojan downloaders, that infect Internet Explorer through malicous web page that uses Java classloader byteverify exploit or other vulnerability in Internet Explorer.
The easiest way to be safe from these trojans is to make sure that Internet Explorer (IE) is up to date.
Note: In some cases, even with an updated browser, the trojans are sometimes downloaded, but they are at least unable to activate.
A False Positive is when a file is incorrectly detected as harmful, usually because its code or behavior resembles known harmful programs. A False Positive will usually be fixed in a subsequent database update without any action needed on your part. If you wish, you may also:
Check for the latest database updates
First check if your F-Secure security program is using the latest updates, then try scanning the file again.
Submit a sample
After checking, if you still believe the file is incorrectly detected, you can submit a sample of it for re-analysis.
Note: If the file was moved to quarantine, you need to collect the file from quarantine before you can submit it.
Exclude a file from further scanning
If you are certain that the file is safe and want to continue using it, you can exclude it from further scanning by the F-Secure security product.
Note: You need administrative rights to change the settings.
These trojans usually download other trojan/spyware components on the system.
The Openconnection trojans install themselves from a malicious web page that contains a reference to the trojan.
The trojan uses a vulnerability in the classloader system of Microsoft Java runtime, that allows the malicious applet to break out of the sandbox, and gain same access as any other executable running with users permissions.
Further information about the vulnerability in the Microsoft Java VM, including a fix, is available at: