Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Potentially harmful process just found- is this a virus?


  • Please log in to reply
3 replies to this topic

#1 Lamenz

Lamenz

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 15 January 2013 - 03:45 PM

I have an HP Pavilion g7, 64bit, running on Windows 7.
It has been EXTREMELY slow recently, w/ constant freezing, to the point where I have to manually restart the computer. It seemed like processes were constantly running in the background, so I went through msconfig, and got rid of many of the startup programs. It helped a little, but not much. So I ran Security Task Manager, and nothing came up beyond a 47% rating- but I ended some of the processes that I thought were unnecessary. Then I had issues w/ Java- it kept prompting me to update the plugin, which I did, as this was several days before the news hit about the Java security issues. As soon as I found out about the Java issues, I went it and disabled Java & the Firefox Java plugin. I downloaded Malwarebytes Pro, and it came up clean. I ran the Eset one-time scan, which found 1 infected file, and deleted it. I have avast running, which keeps coming up clean.
I ran Security Task Manager again today, like I've been doing every day for the past week, and suddenly today there was a process that ranked 67%, and was listed as "potentially harmful." It was called "Microsoft application virtualization virtual service agent", and under the description, it listed the function was "to manipulate."
I don't know where this process came from- it never came up before on the STM scan, and like I said, it ranked pretty high on the security rating, when nothing had ever been above 47% (and this was Avast). But it came up on the list of processes for the first time today, and I am wondering if it is some type of virus, possibly from the Java issue? I have no clue, but it seems a little suspicious to me. I quarantined it for the time being, but was hoping someone could shed some light on this for me? And if this is not a virus, any other suggestions as to the constant freezing of my laptop, which is months old, and keeps coming up clean on all virus scans, even Malwarebytes pro?
Thank you for your time!!

Edited by Lamenz, 15 January 2013 - 03:49 PM.


BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:02 AM

Posted 16 January 2013 - 12:16 PM

The file sftvsa.exe is located in a subfolder of "C:\Program Files" or sometimes in a subfolder of "C:\Documents and Settings". Known file sizes on Windows 7/XP are 219,496 bytes (92% of all occurrences), 209,768 bytes, 203,608 bytes, 203,624 bytes or 213,504 bytes. The program is not visible,so perhaps you are set to "Show hiiden files."


I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image
      icon on your desktop.
  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Click the Back button.
  • Click the Finish button.

NOTE:Sometimes if ESET finds no infections it will not create a log.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 Lamenz

Lamenz
  • Topic Starter

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Local time:10:02 AM

Posted 16 January 2013 - 07:36 PM

Ok, I ran the scan again as advised (I did run it a few days ago, and it found 1 infected file, which it deleted- it said it was a variant of Win32/BSDownloader application). But it came up clean, just like all of the other scans I ran. I have Avast, and Malwarebytes Pro.

Any other ideas as to what can be going on?

Thanks again!!

#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 72,917 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:11:02 AM

Posted 18 January 2013 - 03:27 PM

OK,as we get different malware on each run we should get a deeper look. Please follow this Preparation Guide and post in a new topic.

Let me know if all went well.


Include this link back to here...

http://www.bleepingcomputer.com/forums/topic481876.html/page__pid__2949622#top
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users