Java agents BM and BW


13 replies to this topic

#1 idokpara

Posted 01 March 2011 - 09:39 AM

Hello, I just ran a full system scan with Avast and got these two trojans. It could not repair them, so I stored them in the virus chest. Avast has asked to schedule a boot-time scan; I clicked OK, not sure when that boot scan will run.

I've attached the Avast log showing it completed moving the file to the chest. How do I remove these two trojans completely? Any help would be appreciated, Thx

Daniel

Edited by Budapest, 01 March 2011 - 04:10 PM.
Moved from Virus, Trojan, Spyware, and Malware Removal Logs ~BP


#2 idokpara

Posted 01 March 2011 - 09:42 AM

On the attachment [Ex...] is [Expl]. I'm sorry it got cut off.

#3 quietman7

Posted 02 March 2011 - 01:03 PM

Your scan results indicate a threat(s) was found in the Java cache.

When a browser runs an applet, the Java Runtime Environment (JRE) stores the downloaded files into its cache folder for quick execution later and better performance. Both legitimate and malicious applets, as well as malicious Java class files, are stored in the Java cache directory, and your anti-virus may detect them as threats. For more specific information about Java exploits, please refer to Virus found in the Java cache directory.

Notification of these files as a threat does not always mean that a machine has been infected; it indicates that a program included the viral class file but this does not mean that it used the malicious functionality. As a precaution, I recommend clearing the entire cache manually to ensure everything is cleaned out:

Also be aware that older versions of Java have vulnerabilities that malicious sites can use to exploit and infect your system. That's why it is important to always use the most current Java Version and remove outdated Java components. Even Java advises users to always have the latest version of Java since it contains security updates and improvements to previous versions.

The latest Java version contains important enhancements to improve performance, stability and security of the Java applications that run on your machine. Installing this free update will ensure that your Java applications continue to run safely and efficiently.

Why should I upgrade to the latest Java version?
Why should I upgrade to Java 6?

You can verify (test) your JAVA Software Installation & Version here.
Windows Insider MVP 2017-2018
Microsoft MVP Reconnect 2016
Microsoft MVP Consumer Security 2007-2015
Member of UNITE, Unified Network of Instructors and Trusted Eliminators
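
An added illustration, not part of the original posts: before clearing a Java cache folder, a short Python script can list what is actually stored in it, identifying JAR and class files by their leading bytes instead of their names and recording a SHA-256 for each. The folder path is supplied by the caller, and the file names and contents in `demo()` are constructed, harmless sample data.

```python
import hashlib
import io
import tempfile
import zipfile
from pathlib import Path

CLASS_MAGIC = b"\xca\xfe\xba\xbe"  # header of a compiled Java .class file
ZIP_MAGIC = b"PK\x03\x04"          # header of a JAR (ZIP) archive

def classify(data: bytes) -> str:
    """Identify content by magic bytes, not by file name."""
    if data.startswith(CLASS_MAGIC):
        return "class"
    if data.startswith(ZIP_MAGIC):
        return "jar"
    return "other"

def inventory(cache_dir):
    """One record per file: name, kind, SHA-256, and the classes inside a JAR."""
    records = []
    for path in sorted(Path(cache_dir).rglob("*")):
        if not path.is_file():
            continue
        data = path.read_bytes()
        kind, classes = classify(data), []
        if kind == "jar":
            try:
                with zipfile.ZipFile(io.BytesIO(data)) as jar:
                    classes = sorted(n for n in jar.namelist() if n.endswith(".class"))
            except zipfile.BadZipFile:
                kind = "corrupt-jar"  # truncated download or damaged archive
        records.append({"name": path.name, "kind": kind,
                        "sha256": hashlib.sha256(data).hexdigest(), "classes": classes})
    return records

def demo():
    """Build a constructed cache folder (placeholder bytes only) and inventory it."""
    with tempfile.TemporaryDirectory() as tmp:
        buf = io.BytesIO()
        with zipfile.ZipFile(buf, "w") as jar:
            jar.writestr("applet/Demo.class", CLASS_MAGIC + b"\x00" * 8)
            jar.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        Path(tmp, "cached-entry-0001").write_bytes(buf.getvalue())
        Path(tmp, "cached-entry-0001.idx").write_bytes(b"constructed index data")
        Path(tmp, "truncated-entry").write_bytes(ZIP_MAGIC + b"\x00" * 4)
        return inventory(tmp)

if __name__ == "__main__":
    for rec in demo():
        print(rec["kind"], rec["sha256"][:16], rec["name"], rec["classes"])
```

The hashes give a stable way to refer to a flagged file after it has been moved or renamed by a scanner.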

#4 idokpara

Posted 02 March 2011 - 04:12 PM

Thanks a lot. I've deleted a lot of the temp files and cleaned out a bunch of things. Should I delete the files in the virus chest or just leave them there?

#5 boopme

Posted 02 March 2011 - 04:31 PM

Quarantine moves the file to safe storage under control of the antivirus program - so it can't harm your system - but it's there in case a mistake was made and you need to restore that file.

A quick read...
Clean, Quarantine, or Delete?

Edited by boopme, 02 March 2011 - 04:32 PM.


#6 quietman7

Posted 02 March 2011 - 06:58 PM

Quarantine is just an added safety measure which allows you to view and investigate the files while keeping them from harming your computer. When the quarantined file is known to be malicious, you can delete it at any time by launching the program which removed it, going to the Quarantine tab, and choosing the option to delete.

One reason for doing this is to prevent deletion of a legitimate file that may have been flagged as a "false positive" especially if the scanner uses heuristic analysis technology. Heuristics is the ability of a scanning program to detect possible new variants of malware before the vendor can get samples and update the program's definitions for detection. Heuristics uses non-specific detection methods to find new or unknown malware which allows the anti-virus to detect and stop it before doing any harm to your system. The disadvantage to using heuristics is that it is not as reliable as signature-based detection (blacklisting) and can potentially increase the chances that a non-malicious program is flagged as suspicious or infected. If that is the case, then you can restore the file and add it to the exclusion or ignore list. When the quarantined file is known to be malicious, you can delete it at any time by launching the program which removed it, going to the Quarantine tab, and choosing the option to delete.

Keep in mind, however, that if these files are left in quarantine, other scanning programs and security tools may flag them as a threat while in the quarantined area so don't be alarmed if you see such an alert. Just delete the quarantined items after confirming they are malware and subsequent scans should no longer detect them.

#7 idokpara

Posted 03 March 2011 - 12:56 PM

So do you think those files in the attachment are malicious? I don't know how I would figure that out.

Another question, for my laptop. It freezes within 5 minutes every time I boot it up. I've run McAfee multiple times, no threats detected. I bought this registry cleaner thing and it found like 6000 errors, it repaired them, but then outta curiosity I would run it again right after the repair and it said there were like 700 errors. I'm thinking how is that possible within just 10 minutes. Anyway the laptop is on right now in safe mode and doesn't freeze, can you help with that?

I can't even get online to post on this forum with its logs so you can see all the specs and stuff cuz it will freeze. Is there any specific information you need I can pull from it and post here?

Once again, thank you so much in advance :)

Daniel

#8 quietman7

Posted 03 March 2011 - 02:02 PM

"So do you think those files in the attachment are malicious"

Not without submitting them to the vendor's lab for further analysis.

"I bought this registry cleaner thing and it found like 6000 errors, it repaired them, but then outta curiosity I would run it again right after the repair and it said there were like 700 errors."

Bleeping Computer DOES NOT recommend the use of registry cleaners/optimizers for several reasons:

1. Registry cleaners are extremely powerful applications that can damage the registry by using aggressive cleaning routines and cause your computer to become unbootable.

The Windows registry is a central repository (database) for storing configuration data, user settings and machine-dependent settings, and options for the operating system. It contains information and settings for all hardware, software, users, and preferences. Whenever a user makes changes to settings, file associations, system policies, or installed software, the changes are reflected and stored in this repository. The registry is a crucial component because it is where Windows "remembers" all this information, how it works together, how Windows boots the system and what files it uses when it does. The registry is also a vulnerable subsystem, in that relatively small changes done incorrectly can render the system inoperable. For a more detailed explanation, read Understanding The Registry.

2. Not all registry cleaners are created equal. There are a number of them available but they do not all work entirely the same way. Each vendor uses different criteria as to what constitutes a "bad entry". One cleaner may find entries on your system that will not cause problems when removed, another may not find the same entries, and still another may want to remove entries required for a program to work.

3. Not all registry cleaners create a backup of the registry before making changes. If the changes prevent the system from booting up, then there is no backup available to restore it in order to regain functionality. A backup of the registry is essential BEFORE making any changes to the registry.

4. Improperly removing registry entries can hamper malware disinfection and make the removal process more difficult if your computer becomes infected. For example, removing malware related registry entries before the infection is properly identified can contribute to system instability and even make the malware undetectable to removal tools.

5. The usefulness of cleaning the registry is highly overrated and can be dangerous. In most cases, using a cleaner to remove obsolete, invalid, and erroneous entries does not affect system performance but it can result in "unpredictable results".

Unless you have a particular problem that requires a registry edit to correct it, I would suggest you leave the registry alone. Using registry cleaning tools unnecessarily or incorrectly could lead to disastrous effects on your operating system such as preventing it from ever starting again. For routine use, the benefits to your computer are negligible while the potential risks are great.



"I can't even get online to post on this forum with its logs"

What logs and how are you trying to post them?

When did the freezing start as you did not mention it when starting this thread?

#9 idokpara

Posted 03 March 2011 - 02:15 PM

The freezing started like around last year maybe about September. It would do it once in awhile while I was working on something. I figured ok once in awhile isn't bad, but around December to January it started freezing at the start, like sometimes a black screen comes up even before the pw prompt and it freezes there. Sometimes it'll freeze while I'm typing in my pw or shortly after I get on to my background. From what you've said it seems the registry cleaner has royally effed up everything.

So where would I go from here? I lost my Windows 7 CD so I can't do a complete restore. I've done system restore to the earliest date possible and it still freezes. Any other advice? The laptop is also old (2007) I guess its lifetime is over, I dunno :(

Daniel

#10 quietman7

Posted 03 March 2011 - 02:26 PM

Crashes (BSOD), unexpected shutdowns, sudden freezing, random restarting, and booting problems could be symptomatic of a variety of things to include hardware/software issues, overheating caused by a failed processor fan, bad memory (RAM), failing or underpowered power supply, CPU overheating, motherboard, video card, faulty or unsigned device drivers, CMOS battery going bad, BIOS and firmware problems, dirty hardware components, programs hanging or unresponsive in the background, and sometimes malware. Even legitimate programs like CD Emulators (Daemon Tools, Alcohol 120%, Astroburn, AnyDVD) can trigger crashes, various stop error messages and system hangs so you may or may not be dealing with multiple issues. If the computer is overheating, it usually begins to shutdown/restart on a more regular basis. Troubleshooting for these kinds of issues can be arduous and time consuming. There are no shortcuts.

"I lost my windows 7 CD"

Who is the vendor/manufacturer of your machine? You can always check the vendor's support and ask them to send a replacement. However, if the crashes are hardware related, I doubt the CD will help and you may have to do diagnostic checks to determine the exact cause.

#11 idokpara

Posted 03 March 2011 - 02:33 PM

Sounds like I just need to bite the bullet and take it into Best Buy and let them have at it, or start looking for a new machine. Well thanks for the help.

Daniel

#12 river58

Posted 04 March 2011 - 08:19 PM

Do you have a computer that works? If so, then download AVG Rescue CD http://www.avg.com/us-en/avg-rescue-cd and put it on a USB or a CD and use it on your laptop.

#13 quietman7

Posted 04 March 2011 - 09:40 PM

I would still contact the vendor and request a replacement CD.

You also could start a new topic in the Hardware forum for assistance with diagnostic testing. If you have been having issues for a year now, I'm more inclined to suspect a hardware problem.

#14 idokpara

Posted 05 March 2011 - 07:08 PM

Yeah, I have a computer that works. So I can download a Windows 64-bit equivalent from that website to fix my laptop?



