Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Infected by Java/Agent.m.1


  • Please log in to reply
No replies to this topic

#1 MistyTiger

MistyTiger

  • Members
  • 1 posts
  • OFFLINE
  •  
  • Local time:09:25 AM

Posted 03 August 2010 - 10:08 PM

I was running avira and I found 2 detections of Java/Agent.m.1. Could someone please help me with this? I have attached the avira log. Only 1 detection was moved to quarantine. Oh no. Thank you.

-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Avira AntiVir Personal
Report file date: Tuesday, August 03, 2010 20:17

Scanning for 2672954 virus strains and unwanted programs.

The program is running as an unrestricted full version.
Online services are available:

Licensee : Avira AntiVir Personal - FREE Antivirus
Serial number : 0000149996-ADJIE-0000001
Platform : Windows Vista
Windows version : (Service Pack 2) [6.0.6002]
Boot mode : Normally booted
Username : SYSTEM
Computer name : VICTORIA-PC

Version information:
BUILD.DAT : 10.0.0.567 32097 Bytes 4/19/2010 15:07:00
AVSCAN.EXE : 10.0.3.0 433832 Bytes 4/21/2010 00:36:50
AVSCAN.DLL : 10.0.3.0 46440 Bytes 4/21/2010 00:36:50
LUKE.DLL : 10.0.2.3 104296 Bytes 3/7/2010 22:33:04
LUKERES.DLL : 10.0.0.1 12648 Bytes 2/11/2010 03:40:49
VBASE000.VDF : 7.10.0.0 19875328 Bytes 11/6/2009 19:21:21
VBASE001.VDF : 7.10.1.0 1372672 Bytes 11/19/2009 19:21:22
VBASE002.VDF : 7.10.3.1 3143680 Bytes 1/20/2010 19:11:20
VBASE003.VDF : 7.10.3.75 996864 Bytes 1/26/2010 19:11:21
VBASE004.VDF : 7.10.4.203 1579008 Bytes 3/5/2010 01:25:12
VBASE005.VDF : 7.10.6.82 2494464 Bytes 4/15/2010 23:40:47
VBASE006.VDF : 7.10.7.218 2294784 Bytes 6/2/2010 01:28:10
VBASE007.VDF : 7.10.9.165 4840960 Bytes 7/23/2010 17:51:01
VBASE008.VDF : 7.10.9.166 2048 Bytes 7/23/2010 17:51:01
VBASE009.VDF : 7.10.9.167 2048 Bytes 7/23/2010 17:51:02
VBASE010.VDF : 7.10.9.168 2048 Bytes 7/23/2010 17:51:02
VBASE011.VDF : 7.10.9.169 2048 Bytes 7/23/2010 17:51:03
VBASE012.VDF : 7.10.9.170 2048 Bytes 7/23/2010 17:51:03
VBASE013.VDF : 7.10.9.198 157696 Bytes 7/26/2010 23:43:05
VBASE014.VDF : 7.10.9.255 997888 Bytes 7/29/2010 13:12:30
VBASE015.VDF : 7.10.10.28 139264 Bytes 8/2/2010 00:15:54
VBASE016.VDF : 7.10.10.52 127488 Bytes 8/3/2010 00:15:55
VBASE017.VDF : 7.10.10.53 1536 Bytes 8/3/2010 00:15:55
VBASE018.VDF : 7.10.10.54 1536 Bytes 8/3/2010 00:15:55
VBASE019.VDF : 7.10.10.55 1536 Bytes 8/3/2010 00:15:55
VBASE020.VDF : 7.10.10.56 1536 Bytes 8/3/2010 00:15:56
VBASE021.VDF : 7.10.10.57 1536 Bytes 8/3/2010 00:15:56
VBASE022.VDF : 7.10.10.58 1536 Bytes 8/3/2010 00:15:56
VBASE023.VDF : 7.10.10.59 1536 Bytes 8/3/2010 00:15:56
VBASE024.VDF : 7.10.10.60 1536 Bytes 8/3/2010 00:15:56
VBASE025.VDF : 7.10.10.61 1536 Bytes 8/3/2010 00:15:57
VBASE026.VDF : 7.10.10.62 1536 Bytes 8/3/2010 00:15:57
VBASE027.VDF : 7.10.10.63 1536 Bytes 8/3/2010 00:15:57
VBASE028.VDF : 7.10.10.64 1536 Bytes 8/3/2010 00:15:57
VBASE029.VDF : 7.10.10.65 1536 Bytes 8/3/2010 00:15:58
VBASE030.VDF : 7.10.10.66 1536 Bytes 8/3/2010 00:15:58
VBASE031.VDF : 7.10.10.68 7168 Bytes 8/3/2010 00:15:58
Engineversion : 8.2.4.32
AEVDF.DLL : 8.1.2.1 106868 Bytes 7/30/2010 13:14:00
AESCRIPT.DLL : 8.1.3.42 1364347 Bytes 7/30/2010 13:13:59
AESCN.DLL : 8.1.6.1 127347 Bytes 5/13/2010 01:14:51
AESBX.DLL : 8.1.3.1 254324 Bytes 4/26/2010 20:26:22
AERDL.DLL : 8.1.8.2 614772 Bytes 7/21/2010 20:32:02
AEPACK.DLL : 8.2.3.3 471414 Bytes 7/30/2010 13:13:45
AEOFFICE.DLL : 8.1.1.8 201081 Bytes 7/21/2010 20:31:58
AEHEUR.DLL : 8.1.2.10 2830711 Bytes 7/30/2010 13:13:33
AEHELP.DLL : 8.1.13.2 242039 Bytes 7/21/2010 20:31:47
AEGEN.DLL : 8.1.3.18 393589 Bytes 7/30/2010 13:12:43
AEEMU.DLL : 8.1.2.0 393588 Bytes 4/26/2010 20:26:21
AECORE.DLL : 8.1.16.2 192887 Bytes 7/21/2010 20:31:46
AEBB.DLL : 8.1.1.0 53618 Bytes 4/26/2010 20:26:21
AVWINLL.DLL : 10.0.0.0 19304 Bytes 1/14/2010 16:03:38
AVPREF.DLL : 10.0.0.0 44904 Bytes 1/14/2010 16:03:35
AVREP.DLL : 10.0.0.8 62209 Bytes 2/18/2010 20:47:40
AVREG.DLL : 10.0.3.0 53096 Bytes 4/21/2010 00:36:55
AVSCPLR.DLL : 10.0.3.0 83816 Bytes 4/21/2010 00:36:55
AVARKT.DLL : 10.0.0.14 227176 Bytes 4/21/2010 00:36:49
AVEVTLOG.DLL : 10.0.0.8 203112 Bytes 1/26/2010 13:53:30
SQLITE3.DLL : 3.6.19.0 355688 Bytes 1/28/2010 16:57:58
AVSMTP.DLL : 10.0.0.17 63848 Bytes 3/16/2010 19:38:56
NETNT.DLL : 10.0.0.0 11624 Bytes 2/19/2010 18:41:00
RCIMAGE.DLL : 10.0.0.26 2550120 Bytes 1/28/2010 17:10:20
RCTEXT.DLL : 10.0.53.0 97128 Bytes 4/21/2010 00:36:47

Configuration settings for the scan:
Jobname.............................: Complete system scan
Configuration file..................: C:\program files\avira\antivir desktop\sysscan.avp
Logging.............................: low
Primary action......................: interactive
Secondary action....................: ignore
Scan master boot sector.............: on
Scan boot sector....................: on
Boot sectors........................: C:,
Process scan........................: on
Extended process scan...............: on
Scan registry.......................: on
Search for rootkits.................: on
Integrity checking of system files..: off
Scan all files......................: All files
Scan archives.......................: on
Recursion depth.....................: 20
Smart extensions....................: on
Macro heuristic.....................: on
File heuristic......................: medium
Deviating risk categories...........: +APPL,+GAME,+JOKE,+PCK,+SPR,

Start of the scan: Tuesday, August 03, 2010 20:17

Starting search for hidden objects.
c:\program files\lenovo\rescue and recovery\adm\netwk.exe
c:\Program Files\Lenovo\Rescue and Recovery\ADM\netwk.exe
[NOTE] The process is not visible.
c:\program files\thinkpad\connectutilities\acfnf5.exe
c:\Program Files\ThinkPad\ConnectUtilities\AcFnF5.exe
[NOTE] The process is not visible.

The scan of running processes will be started
Scan process 'DkIcon.exe' - '30' Module(s) have been scanned
Scan process 'DfrgNTFS.exe' - '18' Module(s) have been scanned
Scan process 'MpCmdRun.exe' - '27' Module(s) have been scanned
Scan process 'SLVoice.exe' - '69' Module(s) have been scanned
Scan process 'avscan.exe' - '81' Module(s) have been scanned
Scan process 'password_manager.exe' - '39' Module(s) have been scanned
Scan process 'Emerald.exe' - '181' Module(s) have been scanned
Scan process 'CCC.exe' - '163' Module(s) have been scanned
Scan process 'avcenter.exe' - '90' Module(s) have been scanned
Scan process 'PWMUIAux.exe' - '95' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'vssvc.exe' - '49' Module(s) have been scanned
Scan process 'DLG.exe' - '33' Module(s) have been scanned
Scan process 'BTTray.exe' - '58' Module(s) have been scanned
Scan process 'TeaTimer.exe' - '45' Module(s) have been scanned
Scan process 'GoogleToolbarNotifier.exe' - '60' Module(s) have been scanned
Scan process 'stxmenumgr.exe' - '39' Module(s) have been scanned
Scan process 'avgnt.exe' - '69' Module(s) have been scanned
Scan process 'smax4pnp.exe' - '43' Module(s) have been scanned
Scan process 'tpfnf6r.exe' - '25' Module(s) have been scanned
Scan process 'SvcGuiHlpr.exe' - '81' Module(s) have been scanned
Scan process 'SynTPLpr.exe' - '29' Module(s) have been scanned
Scan process 'MCPLaunch.exe' - '24' Module(s) have been scanned
Scan process 'GoogleQuickSearchBox.exe' - '76' Module(s) have been scanned
Scan process 'AwaySch.EXE' - '29' Module(s) have been scanned
Scan process 'tpfnf7sp.exe' - '32' Module(s) have been scanned
Scan process 'cssauth.exe' - '74' Module(s) have been scanned
Scan process 'SynTPEnh.exe' - '42' Module(s) have been scanned
Scan process 'TpScrex.exe' - '33' Module(s) have been scanned
Scan process 'TPONSCR.exe' - '27' Module(s) have been scanned
Scan process 'wmpnetwk.exe' - '75' Module(s) have been scanned
Scan process 'wmpnscfg.exe' - '37' Module(s) have been scanned
Scan process 'TpShocks.exe' - '30' Module(s) have been scanned
Scan process 'MOM.EXE' - '70' Module(s) have been scanned
Scan process 'LPMLCHK.EXE' - '52' Module(s) have been scanned
Scan process 'TPOSDSVC.exe' - '53' Module(s) have been scanned
Scan process 'wmiprvse.exe' - '34' Module(s) have been scanned
Scan process 'scheduler_proxy.exe' - '34' Module(s) have been scanned
Scan process 'ACWLIcon.exe' - '43' Module(s) have been scanned
Scan process 'ACTray.exe' - '45' Module(s) have been scanned
Scan process 'LPMGR.EXE' - '56' Module(s) have been scanned
Scan process 'rundll32.exe' - '64' Module(s) have been scanned
Scan process 'EZEJMNAP.EXE' - '36' Module(s) have been scanned
Scan process 'Explorer.EXE' - '153' Module(s) have been scanned
Scan process 'taskeng.exe' - '49' Module(s) have been scanned
Scan process 'Dwm.exe' - '43' Module(s) have been scanned
Scan process 'taskeng.exe' - '82' Module(s) have been scanned
Scan process 'logmon.exe' - '18' Module(s) have been scanned
Scan process 'SDWinSec.exe' - '47' Module(s) have been scanned
Scan process 'SUService.exe' - '64' Module(s) have been scanned
Scan process 'avshadow.exe' - '33' Module(s) have been scanned
Scan process 'AcSvc.exe' - '92' Module(s) have been scanned
Scan process 'xaudio.exe' - '14' Module(s) have been scanned
Scan process 'SearchIndexer.exe' - '63' Module(s) have been scanned
Scan process 'svchost.exe' - '9' Module(s) have been scanned
Scan process 'ViewpointService.exe' - '32' Module(s) have been scanned
Scan process 'IUService.exe' - '6' Module(s) have been scanned
Scan process 'tvtsched.exe' - '49' Module(s) have been scanned
Scan process 'rrservice.exe' - '56' Module(s) have been scanned
Scan process 'rrpservice.exe' - '22' Module(s) have been scanned
Scan process 'tvttcsd.exe' - '26' Module(s) have been scanned
Scan process 'TPHDEXLG.exe' - '20' Module(s) have been scanned
Scan process 'tvt_reg_monitor_svc.exe' - '22' Module(s) have been scanned
Scan process 'svchost.exe' - '44' Module(s) have been scanned
Scan process 'SeaPort.exe' - '58' Module(s) have been scanned
Scan process 'RegSrvc.exe' - '23' Module(s) have been scanned
Scan process 'PWMDBSVC.EXE' - '22' Module(s) have been scanned
Scan process 'svchost.exe' - '42' Module(s) have been scanned
Scan process 'FreeAgentService.exe' - '45' Module(s) have been scanned
Scan process 'PresentationFontCache.exe' - '29' Module(s) have been scanned
Scan process 'EvtEng.exe' - '86' Module(s) have been scanned
Scan process 'DkService.exe' - '60' Module(s) have been scanned
Scan process 'btwdins.exe' - '21' Module(s) have been scanned
Scan process 'svchost.exe' - '30' Module(s) have been scanned
Scan process 'mDNSResponder.exe' - '33' Module(s) have been scanned
Scan process 'AppleMobileDeviceService.exe' - '32' Module(s) have been scanned
Scan process 'avguard.exe' - '67' Module(s) have been scanned
Scan process 'AEADISRV.EXE' - '5' Module(s) have been scanned
Scan process 'AcPrfMgrSvc.exe' - '74' Module(s) have been scanned
Scan process 'IPSSVC.EXE' - '23' Module(s) have been scanned
Scan process 'TPHKSVC.exe' - '34' Module(s) have been scanned
Scan process 'svchost.exe' - '59' Module(s) have been scanned
Scan process 'sched.exe' - '56' Module(s) have been scanned
Scan process 'spoolsv.exe' - '84' Module(s) have been scanned
Scan process 'WLANExt.exe' - '87' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '31' Module(s) have been scanned
Scan process 'svchost.exe' - '93' Module(s) have been scanned
Scan process 'svchost.exe' - '85' Module(s) have been scanned
Scan process 'SLsvc.exe' - '23' Module(s) have been scanned
Scan process 'svchost.exe' - '37' Module(s) have been scanned
Scan process 'svchost.exe' - '149' Module(s) have been scanned
Scan process 'svchost.exe' - '104' Module(s) have been scanned
Scan process 'svchost.exe' - '64' Module(s) have been scanned
Scan process 'Ati2evxx.exe' - '28' Module(s) have been scanned
Scan process 'svchost.exe' - '54' Module(s) have been scanned
Scan process 'svchost.exe' - '33' Module(s) have been scanned
Scan process 'ibmpmsvc.exe' - '13' Module(s) have been scanned
Scan process 'svchost.exe' - '40' Module(s) have been scanned
Scan process 'winlogon.exe' - '30' Module(s) have been scanned
Scan process 'lsm.exe' - '22' Module(s) have been scanned
Scan process 'lsass.exe' - '60' Module(s) have been scanned
Scan process 'services.exe' - '33' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'wininit.exe' - '26' Module(s) have been scanned
Scan process 'csrss.exe' - '14' Module(s) have been scanned
Scan process 'smss.exe' - '2' Module(s) have been scanned

Starting master boot sector scan:
Master boot sector HD0
[INFO] No virus was found!

Start scanning boot sectors:
Boot sector 'C:\'
[INFO] No virus was found!

Starting to scan executable files (registry).
The registry was scanned ( '1773' files ).


Starting the file scan:

Begin scan in 'C:\' <SW_Preload>
C:\Users\Victoria\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\667c023e-358f9f5c
[0] Archive type: ZIP
[DETECTION] Contains recognition pattern of the JAVA/Agent.M.2 Java virus
--> dev/s/DyesyasZ.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.M.2 Java virus
--> dev/s/LoaderX.class
[DETECTION] Contains recognition pattern of the JAVA/Agent.M.1 Java virus

Beginning disinfection:
C:\Users\Victoria\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\62\667c023e-358f9f5c
[DETECTION] Contains recognition pattern of the JAVA/Agent.M.1 Java virus
[NOTE] The file was moved to the quarantine directory under the name '49a87d97.qua'.


End of the scan: Tuesday, August 03, 2010 23:05
Used time: 2:47:52 Hour(s)

The scan has been done completely.

26006 Scanned directories
465280 Files were scanned
2 Viruses and/or unwanted programs were found
0 Files were classified as suspicious
0 files were deleted
0 Viruses and unwanted programs were repaired
1 Files were moved to quarantine
0 Files were renamed
0 Files cannot be scanned
465278 Files not concerned
3785 Archives were scanned
0 Warnings
1 Notes
783757 Objects were scanned with rootkit scan
2 Hidden objects were found

Edited by Orange Blossom, 03 August 2010 - 10:23 PM.
Move to AII from Vista. ~ OB


BC AdBot (Login to Remove)

 





0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users