29 infiltrations

Discussion in 'ESET Smart Security' started by HelpMePleaseAndTY, Mar 26, 2011.

Thread Status:
Not open for further replies.
  1. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    Hi I recently had my subscription expired been about 4 days but I just renewed it today. I ran a smart scan twice the first time I had 30 infiltrations but 1 was cleaned the second time I had 29 infiltrations and non of them got clean what do I do?
     
  2. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  3. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    hi ty for the response however i'm still not sure what to do. I ran the sysinspector program but how would i submit the log? also non of the files in their seemed to be higher than a 5.
     
  4. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,863
    Location:
    Texas
  5. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    I tried running the scan in safe mode a black box came up with text in it saying something about an error. My computer isn't slower and I don't have any pop ups is their anyway the infiltrations could be a different program that eset is mistaking as a threat ive had that happen with a few games before . these are the files their saying are infected/infiltrated

    C:\Users\Nicholas\AppData\Local\Temp\jar_cache1114460182998890146.tmp » ZIP » mog.class - a variant of Java/TrojanDownloader.OpenStream.NAX trojan
    C:\Users\Nicholas\AppData\Local\Temp\jar_cache3396278150879612683.tmp » ZIP » cox.class - a variant of Java/TrojanDownloader.OpenStream.NAX trojan
    C:\Users\Nicholas\AppData\Local\Temp\jar_cache3396278150879612683.tmp » ZIP » bpac/KAVS.class - Java/TrojanDownloader.Agent.NCA trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/ISO.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/KOI.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/UTF.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/cp1251.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/KOI8R.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/translator.class - Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/word.class - Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6d0f390c-7e3ae01e » ZIP » vload.class - a variant of Java/Agent.AF trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\12\6d0f390c-7e3ae01e » ZIP » vmain.class - probably a variant of Win32/Agent.FXHNPDJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\5dcd9995-3a58c6b7 » ZIP » encode/Unicode.class - a variant of Java/Agent.AB trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\21\5dcd9995-3a58c6b7 » ZIP » setup/lang.class - Java/TrojanDownloader.Agent.NCG trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/lulux$1.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/lulux.class - Java/TrojanDownloader.OpenStream.NBJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/Zo666.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/Zom.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6d038ce1-200b2063 » ZIP » bpac/a.class - a variant of Java/TrojanDownloader.OpenStream.NAU trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\6d038ce1-200b2063 » ZIP » bpac/KAVS.class - Java/TrojanDownloader.Agent.NCA trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\33\7361f21-48792ca3 » ZIP » plugin/sportGame.class - a variant of Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\747dc2e2-639e00df » ZIP » hubert.class - Java/TrojanDownloader.OpenStream.NBL trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\747dc2e2-639e00df » ZIP » a.class - a variant of Java/Exploit.CVE-2010-0094.J trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2d9d39a8-6579ecec » ZIP » encode/Unicode.class - a variant of Java/Agent.AB trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2d9d39a8-6579ecec » ZIP » setup/lang.class - Java/TrojanDownloader.Agent.NCG trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\6eeafe70-68e3b26e » ZIP » vload.class - a variant of Java/Agent.AF trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\48\6eeafe70-68e3b26e » ZIP » vmain.class - probably a variant of Win32/Agent.FXHNPDJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\56\38df6cf8-3dd65cf8 » ZIP » glass/lulux.class - a variant of Java/TrojanDownloader.OpenStream.NBJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\58\1552583a-13cb02b6 » ZIP » plugin/sportGame.class - a variant of Java/TrojanDownloader.OpenStream.NBI trojan
     
  6. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,863
    Location:
    Texas
  7. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    okay after trying your suggestion/restarting my comp/running a new scan the number of infected files dropped from 29 to 18 is their another step i could take to get the rest of them to go away?also are they even infected or is it the software mistaking them for something else?

    C:\Users\Nicholas\AppData\Local\Temp\jar_cache1114460182998890146.tmp » ZIP » mog.class - a variant of Java/TrojanDownloader.OpenStream.NAX trojan
    C:\Users\Nicholas\AppData\Local\Temp\jar_cache3396278150879612683.tmp » ZIP » cox.class - a variant of Java/TrojanDownloader.OpenStream.NAX trojan
    C:\Users\Nicholas\AppData\Local\Temp\jar_cache3396278150879612683.tmp » ZIP » bpac/KAVS.class - Java/TrojanDownloader.Agent.NCA trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/ISO.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/KOI.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » encode/UTF.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/cp1251.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/KOI8R.class - Java/Agent.AD trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/translator.class - Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\11\7592844b-767b075e » ZIP » langdriver/word.class - Java/TrojanDownloader.OpenStream.NBI trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/lulux$1.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/lulux.class - Java/TrojanDownloader.OpenStream.NBJ trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/Zo666.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\31\a11d45f-5754d1bd » ZIP » glass/Zom.class - Java/Agent.AE trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\747dc2e2-639e00df » ZIP » hubert.class - Java/TrojanDownloader.OpenStream.NBL trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\34\747dc2e2-639e00df » ZIP » a.class - a variant of Java/Exploit.CVE-2010-0094.J trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2d9d39a8-6579ecec » ZIP » encode/Unicode.class - a variant of Java/Agent.AB trojan
    C:\Users\Nicholas\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\40\2d9d39a8-6579ecec » ZIP » setup/lang.class - Java/TrojanDownloader.Agent.NCG trojan
     
  8. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    I ran the malware bytes program that was suggested and nothing is coming up as malware.Still looking for any suggestions / answers if anyone has any.
     
  9. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    clear the java cache again. After you did that first time did you start browsing soon after?
     
  10. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    No I didn't I also tried clearing the cache again already/ I even uninstalled Java and ran the scan and they still came up than i reinstalled it and they still came up.I changed the malwarebytes to an in depth scan and 1 object came up as infected so far when it finishes the scan ill see if i can remove it but that still doesn't account for the other 17 files but ill see if their caught before its done.
     
  11. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
    go to those file locations in windows explorer and delete the manually
     
  12. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    Not really sure how to find these files would you happen to have a guide for that or could you explain how please.
     
  13. Cudni

    Cudni Global Moderator

    Joined:
    May 24, 2009
    Posts:
    6,956
    Location:
    Somethingshire
  14. HelpMePleaseAndTY

    HelpMePleaseAndTY Registered Member

    Joined:
    Mar 26, 2011
    Posts:
    8
    Thank you for all the help after I removed the files and re did a scan nothing came up as infected or infiltrated. However i'm still wondering was I actually infected ?
     
  15. ronjor

    ronjor Global Moderator

    Joined:
    Jul 21, 2003
    Posts:
    65,863
    Location:
    Texas
    Some off topic posts removed.
     
  16. yongsua

    yongsua Registered Member

    Joined:
    Feb 9, 2011
    Posts:
    474
    Location:
    Malaysia
    @HelpMePleaseAndTY,

    I recommend you one great free security program,Secunia PSIhttp://secunia.com/vulnerability_scanning/personal/I highly recommend you to perform scan with this program to detect vulnerable and out-dated programs such as Java and Adobe etc.It is really an useful program.

    Note:Internet connection is required to use this program.
     
Thread Status:
Not open for further replies.
  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.