29 infiltrations

Discussion in 'ESET Smart Security' started by HelpMePleaseAndTY, Mar 26, 2011.

Thread Status:
Not open for further replies.
  1. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    Hi I recently had my subscription expired been about 4 days but I just renewed it today. I ran a smart scan twice the first time I had 30 infiltrations but 1 was cleaned the second time I had 29 infiltrations and non of them got clean what do I do?
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    hi ty for the response however i'm still not sure what to do. I ran the sysinspector program but how would i submit the log? also non of the files in their seemed to be higher than a 5.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
  5. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    I tried running the scan in safe mode a black box came up with text in it saying something about an error. My computer isn't slower and I don't have any pop ups is their anyway the infiltrations could be a different program that eset is mistaking as a threat ive had that happen with a few games before . these are the files their saying are infected/infiltrated

    C:\Users\Nicholas\AppData\Local\Temp\jar_cache1114460182998890146.tmp » ZIP » mog.class - a variant of Java/TrojanDownloader.OpenStream.NAX trojan
    C:\Users\Nicholas\AppData\Local\Temp\jar_cache3396278150879612683.tmp » ZIP » cox.class - a variant of Java/TrojanDownloader.OpenStream.NAX trojan
    C:\Users\Nicholas\AppData\Local\Temp\jar_cache3396278150879612683.tmp » ZIP » bpac/KAVS.class - Java/TrojanDownloader.Agent.NCA trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/ISO.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/KOI.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/UTF.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/cp1251.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/KOI8R.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/translator.class - Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/word.class - Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6d0f390c-7e3ae01e » ZIP » vload.class - a variant of Java/Agent.AF trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6d0f390c-7e3ae01e » ZIP » vmain.class - probably a variant of Win32/Agent.FXHNPDJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\5dcd9995-3a58c6b7 » ZIP » encode/Unicode.class - a variant of Java/Agent.AB trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\5dcd9995-3a58c6b7 » ZIP » setup/lang.class - Java/TrojanDownloader.Agent.NCG trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/lulux$1.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/lulux.class - Java/TrojanDownloader.OpenStream.NBJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/Zo666.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/Zom.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6d038ce1-200b2063 » ZIP » bpac/a.class - a variant of Java/TrojanDownloader.OpenStream.NAU trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6d038ce1-200b2063 » ZIP » bpac/KAVS.class - Java/TrojanDownloader.Agent.NCA trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\7361f21-48792ca3 » ZIP » plugin/sportGame.class - a variant of Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\747dc2e2-639e00df » ZIP » hubert.class - Java/TrojanDownloader.OpenStream.NBL trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\747dc2e2-639e00df » ZIP » a.class - a variant of Java/Exploit.CVE-2010-0094.J trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2d9d39a8-6579ecec » ZIP » encode/Unicode.class - a variant of Java/Agent.AB trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2d9d39a8-6579ecec » ZIP » setup/lang.class - Java/TrojanDownloader.Agent.NCG trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\6eeafe70-68e3b26e » ZIP » vload.class - a variant of Java/Agent.AF trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\6eeafe70-68e3b26e » ZIP » vmain.class - probably a variant of Win32/Agent.FXHNPDJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\38df6cf8-3dd65cf8 » ZIP » glass/lulux.class - a variant of Java/TrojanDownloader.OpenStream.NBJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\1552583a-13cb02b6 » ZIP » plugin/sportGame.class - a variant of Java/TrojanDownloader.OpenStream.NBI trojan
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
  7. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    okay after trying your suggestion/restarting my comp/running a new scan the number of infected files dropped from 29 to 18 is their another step i could take to get the rest of them to go away?also are they even infected or is it the software mistaking them for something else?

    C:\Users\Nicholas\AppData\Local\Temp\jar_cache1114460182998890146.tmp » ZIP » mog.class - a variant of Java/TrojanDownloader.OpenStream.NAX trojan
    C:\Users\Nicholas\AppData\Local\Temp\jar_cache3396278150879612683.tmp » ZIP » cox.class - a variant of Java/TrojanDownloader.OpenStream.NAX trojan
    C:\Users\Nicholas\AppData\Local\Temp\jar_cache3396278150879612683.tmp » ZIP » bpac/KAVS.class - Java/TrojanDownloader.Agent.NCA trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/ISO.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/KOI.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/UTF.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/cp1251.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/KOI8R.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/translator.class - Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/word.class - Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/lulux$1.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/lulux.class - Java/TrojanDownloader.OpenStream.NBJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/Zo666.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/Zom.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\747dc2e2-639e00df » ZIP » hubert.class - Java/TrojanDownloader.OpenStream.NBL trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\747dc2e2-639e00df » ZIP » a.class - a variant of Java/Exploit.CVE-2010-0094.J trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2d9d39a8-6579ecec » ZIP » encode/Unicode.class - a variant of Java/Agent.AB trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2d9d39a8-6579ecec » ZIP » setup/lang.class - Java/TrojanDownloader.Agent.NCG trojan
     
  8. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    I ran the malware bytes program that was suggested and nothing is coming up as malware.Still looking for any suggestions / answers if anyone has any.
     
  9. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    clear the java cache again. After you did that first time did you start browsing soon after?
     
  10. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    No I didn't I also tried clearing the cache again already/ I even uninstalled Java and ran the scan and they still came up than i reinstalled it and they still came up.I changed the malwarebytes to an in depth scan and 1 object came up as infected so far when it finishes the scan ill see if i can remove it but that still doesn't account for the other 17 files but ill see if their caught before its done.
     
  11. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    go to those file locations in windows explorer and delete the manually
     
  12. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    Not really sure how to find these files would you happen to have a guide for that or could you explain how please.
     
  13. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  14. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    Thank you for all the help after I removed the files and re did a scan nothing came up as infected or infiltrated. However i'm still wondering was I actually infected ?
     
  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    57,740
    Location:
    Texas
    Some off topic posts removed.
     
  16. yongsua

    yongsua Registered Member

    Joined:
    Feb 9, 2011
    Posts:
    474
    Location:
    Malaysia
    @HelpMePleaseAndTY,

    I recommend you one great free security program,Secunia PSIhttp://secunia.com/vulnerability_scanning/personal/I highly recommend you to perform scan with this program to detect vulnerable and out-dated programs such as Java and Adobe etc.It is really an useful program.

    Note:Internet connection is required to use this program.
     
Thread Status:
Not open for further replies.