Java:Agent-KU[Expl] named rotor/zalux$vrkr.class in C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cashe\6.0\20\3ad12454-6614743f
Java:Agent-Kt[Expl] named rotor/zalux.class in C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cashe\6.0\20\3ad12454-6614743f
Java:Agent-KV[Expl] named rotor/Zo666.class in C:\Users\Admin\AppData\LocalLow\Sun\Java\Deployment\cashe\6.0\20\3ad12454-6614743f
Avast detected them and sent them to the chest. I think I got these with Razer’s mouse drivers. I got the LACHESIS razer mouse and updated to the recent version of firmware and driver. Then I play game and my ping skyrockets to 1000 even though I never did before. I restarted my router, restarted my computer, uninstalled the drivers and didn’t work. Then I ran a virus scan and detected the malware above. Played again and everything is back to normal. I am wondering if slowing the computer is the only thing that these malwares do or does it have another function. If so, is my computer still infected because they might have dl other malware that I am unaware of. Also, the mouse I bought was used. This sounds crazy, but is there any way that a virus could have been uploaded on the mouse? If not then razer should be informed that their drivers are infected AGAIN. Please help.
you see the ending Java:Agent-KU[Expl] means it will exploit vulnerabilities in the OS or a program
if your OS and all programs are updated you should be safe, unless this is for a new vulnerability that is not patched yet
Memory Processes Infected:
(No malicious items detected)
Memory Modules Infected:
(No malicious items detected)
Registry Keys Infected:
(No malicious items detected)
Registry Values Infected:
(No malicious items detected)
Registry Data Items Infected:
(No malicious items detected)
Folders Infected:
(No malicious items detected)
Files Infected:
(No malicious items detected)
I guess my computers clean now, but I’m sure the malware detected by Avast was linked to the razer mouse. Once again, it was used and is there any way that a virus could have been uploaded to it (I know it sounds crazy)? If not then its the driver on razer’s website must be infected.
Exploits in JAVA could mean you have an old version, seems you have 6.0.20 and the latest is 6.0.26:
I would also suggest a visit to this site, which scans your system for out of date programs that have patches to close vulnerabilities, http://secunia.com/software_inspector/.
I got one of the same virus! Java/Agent-KU, detected by avast during a boot scan.
I do not know how I got this. My #1 suspect is me misstyping the whirhpool.com site (I think I spelled it without an ‘h’). It sent me to avery fishy site and I clicked a button that said “reset connection” b/c it looked like a legit firefox button.
Shortly after that, my yahoo acount send a spam email to all my contacts! I was logged into yahoo at the time. Pretty emabarrasing. I also got a misterious post on facebook (I was also logged into facebook) that said “Re:” as my status update.
First thing I did was change my yahoo password (this is what yahoo reccomended under help). I’m worried this was a mistake, could the virus have logged my key-strokes and now know my new password???
Next, I ran and avast full system scan. Nothing found! Then I requested a boot-time scan, rebboted, and now have a black screen saying that Java/Agent-KU is infected. I have the option to delete, etc by pressing a number key.
What should I do next? I’ll be happy to post any logs, etc. Want to make sure I clean my computer and that this does not happen to tohers (I’m surprised the virus got through avast in the 1st place since I allways have it running).