Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Windows 98


  • Please log in to reply
19 replies to this topic

#1 nosmiley

nosmiley

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:asheville, north carolina
  • Local time:01:48 PM

Posted 12 January 2005 - 02:16 PM

I'm new to the forum and a dummy too. I'm running Windows 98,AVG latest edition,SPYbot latest ed. and Adaware latest. I had no problems with AVG old edition. But alas.. The new edition found Java/Byte Verify, but doesn't put it in the virus vault or heal it. Says its in an archive and can't be healed. I joined the AVG forum and either can't understand what the moderator wants me to do to remove the virus, or the directions don't apply to Windows 98. They got frustrated and said I don't know what I am talking about. OK, Fine. What is an archive? My Windows doesn't list them. What are Directories? Windows doesn't list them. I followed their suggestion and ran spybot,adaware and avg.The scans are clean, but the computer hard drive won't shut down after 20 minutes of inactivity like it used to. The path? that the virus was found in is as follows and found 4 times ........IE 5\052z4QF\classload[1].jar: Getaccess.class Next: IE 5\052Z41QF\classload[1].jar:Insecure classloader.class Next: IE 5\052Z41QF\classload[1].jar:\Installer.class NEXT: IE5\CT13CD2Z\Counters[1]:\Counter[1].jar and last: C:\Recycled|DC96.jar:counter class. The moderator said in Temp.inet Directories delete classload[1]. jar I can't find these DIRECTORIES. I find temporary Internet FOLDERS , but can only see the Windows flag,a number and no bytes. The content won't show. I don't know how to delete them. I delete the Temp files each time I log off. Thanks in advance

BC AdBot (Login to Remove)

 


#2 plonkeroo

plonkeroo

  • Members
  • 17 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Southport, Britain
  • Local time:06:48 PM

Posted 12 January 2005 - 03:26 PM

I'm no expert but here's just some general help

directory = another name for folder (as opposed to file)
archive = usually a file containing other files e.g. ZIP, JAR, CAB

the computer hard drive won't shut down after 20 minutes of inactivity like it used to ... Check out your Power settings in control panel

Check contents of your hard drive using Windows Explorer to become thoroughly conversant with its contents (you may have already done so)

Suggestions - Upgrade to Win98SE and IE6, might sort out some of your bugs

Sorry I can't be more specific. As I said, I'm no expert.
PLONKEROO
Just my twopenn'orth!
http://www.celtish.net/
Internet Abuse
http://www.celtish.net/webscape/abuse.html

#3 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:11:48 AM

Posted 12 January 2005 - 05:42 PM

Run these online virus scanners, and see if that helps:
http://www.pandasoftware.com/activescan/
http://housecall.trendmicro.com/

Post back with the results.
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#4 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:12:48 PM

Posted 12 January 2005 - 07:14 PM

Open Windows Explorer and go to Tools>Folder Options> and on the View tab make sure that under Hidden files you have Show hidden files checked.

These aren't temp files so that won't help. After you can see the hidden files go to Start>Find>Find files and folders and do a search for *.jar. This should bring them up and you can delete them from there by right clicking on them and choosing delete.

Please post back with the outcome.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#5 nosmiley

nosmiley
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:asheville, north carolina
  • Local time:01:48 PM

Posted 14 January 2005 - 10:46 AM

Thank you for the suggestions: I went to Windows Exp., Tool>Folder>Options>View. View hidden files is checked. I closed this, went to start>Find>Find files, typed in *jar. There are no files.Did it over looked in C:, there are no files. Did it again in search my computer. There are no files.

#6 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:12:48 PM

Posted 14 January 2005 - 11:41 AM

That would be star dot jar
*.jar
Without the dot you are searching for things that end in jar.

IE 5\052Z41QF\classload[1].jar:\Installer.class

What is the FULL path. It would be something like C:\Windows\Temporary internet files\Content IE 5?

Download and run Ccleaner. It will clean all the temp files in your machine. Then run AVG again.

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#7 jgweed

jgweed

  • Members
  • 28,473 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Chicago, Il.
  • Local time:12:48 PM

Posted 14 January 2005 - 12:10 PM

For what it is worth, I found a pinned note(from adsby, 12/20) at the AVG forum:

If you have the virus called Java/ByteVerify, your AVG Anti-Virus cannot get rid of this alone so if you are having troubles finding a way to get rid of it, here is a step by step guide for removal.

-Go to your control panel
-(if in windows XP change over to the classic mode by clicking the link on the left just under your toolbars)
-Open Java Plug-in
-Click on the Cache tab
-Click clear

-To stop this from happening again uncheck the enable cache-ing

This should clear all of these viruses right off of your computer and stop this from happening again.

http://forum.grisoft.cz/freeforum/read.php?4,10178,backpage=

Hope this solves your problem. I used the "find file" function in AVG's virus scan report to locate, as I remember, the files and deleted them.
Cheers,
John
Whereof one cannot speak, thereof one should be silent.

#8 nosmiley

nosmiley
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:asheville, north carolina
  • Local time:01:48 PM

Posted 14 January 2005 - 01:16 PM

Thanks again. *.jar yields wmpns.jar 28K modified 10/16/02. To the other person: I have followed all the AVG suggestions for configuration and removal without success. Just downloaded cCleaner and ran it. Located 167 bytes including index .dat proposing to remove. All appear to be of no consequence probably icons or flags.

Edited by nosmiley, 14 January 2005 - 01:39 PM.


#9 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:12:48 PM

Posted 14 January 2005 - 01:47 PM

Still need to know the FULL path to the .jar files that are infected.

What is an archive


That would be a compressed file that ends with .zip, .cab etc.

What are Directories


Directories are folders that contain folders ie. Windows or Program Files.

Did you run Ccleaner? If not, do so. When you do look through the list generated for the 4 files.

Did you try the two online scans from tg1911?

Post back

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#10 nosmiley

nosmiley
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:asheville, north carolina
  • Local time:01:48 PM

Posted 14 January 2005 - 03:41 PM

Ran cCleaner. Hmm. It removed over a million bytes from index.dat :thumbsup: The complete path seems to be C:\Windows\temporary Internet files\Content.IE 5\05 2 Z4QF|classload[1].jar:Getaccess.class Since the cleaner removed all that stuff,does it mean we might be free? Where did it put it? It didn't show up in the recycle bin. When I tried to delete index.dat several days ago, it said they were operating system components and the computer would'nt function correctly. But cCleaner did something with them today and I am still alive.

#11 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:12:48 PM

Posted 14 January 2005 - 04:09 PM

Ccleaner can overide that Windows CRAP. Maybe thats why they call it CRAP Cleaner, eh? Where did it put it? It has released all those assembled electrons into the wild. In other words, it deletes it. Its gone. Now you need to run a virus scan to be sure your 4 files are gone, unless you looked through the list. Although, since the path was C:\Windows\Temporary Internet files, its most likely gone. Ccleaner is murder on temp files.

Glad you like the program. If you had to log in when you came back to post here its because Ccleaner blew off your cookies too. If you go to the Options button in Ccleaner and click the cookies tab you can protect the cookie for this site and others that you have to log into.

Problem solved?

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#12 nosmiley

nosmiley
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:asheville, north carolina
  • Local time:01:48 PM

Posted 15 January 2005 - 09:41 AM

The AVG scan,Spybot,&Adaware are clean. The ccleaner listed a number of "issues" that I allowed it to fix. Thank you! I still am interested in why the hard drive won't shut down like it used to. In Power Mgt. of control panel, I have it set to turn off after 30 minutes of inactivity. It doesn't ,even after being reset. I wouldn't be concerned except that the fellow that owns a computer repair shop said that if it doesn't shut down, and you only have minimum programs running, it usually indicates a virus is writing code. In msconfig. , I have everything turned off except: Explorer,AVGemc,AVGcc,WMexe. Before the virus, the hard drive turned off. Lastly, in Java, I have three files:Classes,Packages,&trustlib.Packages has 6 or 7 folders of zip files that have a lot of material in them.The computer doesn't want to open them: Some files can harm.......;If you try to open anyway, the warning repeats. I don't need in there, I just wanted to eliminate stuff that was stored trash. Thanks for the responses.

#13 Leurgy

Leurgy

    Voted most likely


  • Members
  • 3,831 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:Collingwood, Ontario, Canada
  • Local time:12:48 PM

Posted 15 January 2005 - 11:43 AM

I have it set to turn off after 30 minutes of inactivity. It doesn't ,even after being reset


How do you know that? Is the HD light on and flashing? Why do you have WM.exe
running?

When the only tool you own is a hammer, every problem begins to resemble a nail. Abraham Maslo

**** We use our powers for good, not evil ****

 Trying to remove your data from the web is like trying to remove pee from a swimming pool


#14 tg1911

tg1911

    Lord Spam Magnet


  • Members
  • 19,274 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:SW Louisiana
  • Local time:11:48 AM

Posted 15 January 2005 - 11:59 AM

Run both of these online scans, snd see if it helps.
There is no AV that will catch everything.
That's why it is a good idea to run a couple of online scans, occasionally.

http://www.pandasoftware.com/activescan/
http://housecall.trendmicro.com/
MOBO: GIGABYTE GA-MA790X-UD4P, CPU: Phenom II X4 955 Deneb BE, HS/F: CoolerMaster V8, RAM: 2 x 1G Kingston HyperX DDR2 800, VGA: ECS GeForce Black GTX 560, PSU: Antec TruePower Modular 750W, Soundcard: Asus Xonar D1, Case: CoolerMaster COSMOS 1000, Storage: Internal - 2 x Seagate 250GB SATA, 2 x WD 1TB SATA; External - Seagate 500GB USB, WD 640GB eSATA, 3 x WD 1TB eSATA

Become a BleepingComputer fan: Facebook

#15 nosmiley

nosmiley
  • Topic Starter

  • Members
  • 87 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:asheville, north carolina
  • Local time:01:48 PM

Posted 15 January 2005 - 02:00 PM

House call didn't find anything :thumbsup: To the other question: How do you know the HD is on? Before these problems, when you moved the mouse, or opened something, You could hear it start up, if you listened closely. You could hear it through the fan noise,a motor starting up. The other question about why WMexe. I don't know. Don't know what it is or stands for. The man at the shop has it running. I trust him, maybe I shouldn't? Thanks




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users