Jump to content


Photo

My computer keeps shutting down


  • Please log in to reply
21 replies to this topic

#1 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 14 November 2006 - 09:39 AM

Hi, I hope my computer stays up long enough to get this posted. I ran your virus scan the first time this morning and it was able to finish and even said the name of the virus. Before I could get back to the computer to write down the name it shut down. I have run the antivirus scan 3 more times but I get as far as the virus being found and then it shuts off. I know it's in documents and settings, under monty, and the java or sun folder. It's a trojan/something i haven't seen before and can't remember the name. I think it's going to shut down again so I will return to finish post. So, I tried to follow the advice about trying certain things first like run Ad-Aware and I got as far as updating it before the computer shut down again. If I can get windows live care to run the antivirus again I might be able to get a name. Will try that after get baby settled down and see what happens. Any help will be so appreciated!

Edited by redhawkeagle, 14 November 2006 - 09:43 AM.


#2 travyboy00

travyboy00

    Advanced Member

  • Advanced Member
  • 434 posts
  • Gender:Male


Posted 14 November 2006 - 01:37 PM

Can you start your computer back up right away after it shuts down? If not, it could be overheating.
http://www.acronis.c...tting-down.html

If this isn't the case, it may be the virus you're talking about or another issue.

#3 pacman123

pacman123

    Supervised HJT Helper

  • Malware Classroom Trainee
  • PipPipPip
  • 1,522 posts
  • Location:Sheffield.uk


Posted 14 November 2006 - 02:46 PM

Hi redhawkeagle,
This may allow you to stay online long ehough to complete your scans :-

Click Start > Run > type shutdown -a > click OK

Hope this helps..........

Regards pacman123

Edited by pacman123, 14 November 2006 - 02:47 PM.


#4 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 14 November 2006 - 09:55 PM

I've worked with this thing ALL day long trying to get something scanned enough to find any names, files anything. Finally, got Ad-Aware to scan and clean up some things but it took several attempts. I didn't get to try your suggestion but will do.

thanks


Hi redhawkeagle,
This may allow you to stay online long ehough to complete your scans :-

Click Start > Run > type shutdown -a > click OK

Hope this helps..........

Regards pacman123



#5 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 14 November 2006 - 09:57 PM

Yes, I can start my computer back up immediately. Won't let me go to the boot menu so I can start in safe mode, though. Just sails right past it.


Can you start your computer back up right away after it shuts down? If not, it could be overheating.
http://www.acronis.c...tting-down.html

If this isn't the case, it may be the virus you're talking about or another issue.



#6 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 14 November 2006 - 10:13 PM

Uh oh, it knows I'm up to something. :hammer: Anyway, like I said earlier when I ran pcpitstops antivirus the very first time it was able to complete and give me the name of the virus. Unfortunately, I was getting the little one ready for school and when I got back to my computer it shut down. It was just one virus name. It has been a challenge all day to try and get something out of this computer but managed to get AdAware to scan but never complete a scan before it would shut down. As soon as AdAware got to the file and reported a virus the computer shut down soon after. So, I ran it in increments. Would scan for a little then I would stop and clean until it finally scanned past the file where I think the virus is. I did turn Windows One Live Care off completely for the last scan. Windows Live One Care has found 6 files that it couldn't clean and supposedly blocked in the past. When I tried to run it today it would shut down before finishing but I did manage to get 4 of the 6 before it shut down again. They are: File name: Worker.class File location: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\...\ virus name: Trojan: Java/Classloader.F File name: Beyond.class File location: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\...\ virus name: Trojan Downloader: Win32/Femad.K File name: web.exe File location: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\...\ virus name: Trojan Downloader: Win 32\Clagger.G File name: Gummy.class File location: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\...\ virus name: that's as far as I got before it shut down and just haven't had the time to get back on and run anymore scans. Does any of this tell anyone anything? I hope so. I might be able to work a little on this tomorrow early morning but it is going to be busy later on. I will try the suggestions I've gotten so far. Thank you

#7 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 14 November 2006 - 11:12 PM

Okay, I don't know if any of this is going to be able to tell anybody anything other than the obvious but it's late and I thought I'd just post what I have so far..... I don't know exactly what this is trying to tell me. Except that if the disinfection result was successful it's a bunch of baloney because I still can hear the computer making all kinds of noise. I know it's going to shut down on me if I keep up much longer! 11/14/2006 1:34 PM Windows Live OneCare found a virus on your computer FileName: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\C351675\8B77C\web.exe Contained Object: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\C351675\8B77C\web.exe->(FSG-v2.0) VirusName: TrojanDownloader:Win32/Clagger.G Infection was found by On Access Protection: (ANTIVIRUS_ONACCESS_INFECTED) Disinfection Result: ANTIVIRUS_ONINFECTION_RESULT_FOUND Success 11/14/2006 1:34 PM Windows Live OneCare found a virus on your computer FileName: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\C351675\8B77C\Worker.class VirusName: Trojan:Java/Classloader.F Infection was found by On Access Protection: (ANTIVIRUS_ONACCESS_INFECTED) Disinfection Result: ANTIVIRUS_ONINFECTION_RESULT_FOUND Success 11/14/2006 1:34 PM Windows Live OneCare found a virus on your computer FileName: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\C351675\8B77C\Beyond.class VirusName: TrojanDownloader:Win32/Femad.K Infection was found by On Access Protection: (ANTIVIRUS_ONACCESS_INFECTED) Disinfection Result: ANTIVIRUS_ONINFECTION_RESULT_FOUND Success 11/14/2006 1:34 PM Windows Live OneCare found a virus on your computer FileName: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\C351675\8B77C\Gummy.class VirusName: Trojan:Java/Classloader.D Infection was found by On Access Protection: (ANTIVIRUS_ONACCESS_INFECTED) Disinfection Result: ANTIVIRUS_ONINFECTION_RESULT_FOUND Success 11/14/2006 1:34 PM Windows Live OneCare found a virus on your computer FileName: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\C351675\8B77C\Counter.class VirusName: Java/Bytverify Infection was found by On Access Protection: (ANTIVIRUS_ONACCESS_INFECTED) Disinfection Result: ANTIVIRUS_ONINFECTION_RESULT_FOUND Success 11/14/2006 1:34 PM Windows Live OneCare found a virus on your computer FileName: C:\DOCUME~1\Monty\LOCALS~1\Temp\AAWTMP\C351675\8B77C\VerifierBug.class VirusName: Java/Bytverify Infection was found by On Access Protection: (ANTIVIRUS_ONACCESS_INFECTED) Disinfection Result: ANTIVIRUS_ONINFECTION_RESULT_FOUND Success 11/14/2006 1:07 PM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->web.exe->(FSG-v2.0) VirusName: TrojanDownloader:Win32/Clagger.G Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 1:07 PM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Worker.class VirusName: Trojan:Java/Classloader.F Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 1:07 PM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Beyond.class VirusName: TrojanDownloader:Win32/Femad.K Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 1:07 PM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Gummy.class VirusName: Trojan:Java/Classloader.D Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 1:07 PM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Counter.class VirusName: Java/Bytverify Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 1:07 PM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->VerifierBug.class VirusName: Java/Bytverify Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 12:58 PM Windows Live OneCare Antivirus could not scan a file on your computer. FileName: C:\Documents and Settings\Friends and Family\Local Settings\Temp\hsperfdata_Friends and Family\2392(A8020005) 11/14/2006 9:13 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->web.exe->(FSG-v2.0) VirusName: TrojanDownloader:Win32/Clagger.G Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 9:13 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Worker.class VirusName: Trojan:Java/Classloader.F Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 9:13 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Beyond.class VirusName: TrojanDownloader:Win32/Femad.K Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 9:13 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Gummy.class VirusName: Trojan:Java/Classloader.D Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 9:13 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Counter.class VirusName: Java/Bytverify Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 9:13 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->VerifierBug.class VirusName: Java/Bytverify Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/14/2006 9:03 AM Windows Live OneCare Antivirus could not scan a file on your computer. FileName: C:\Documents and Settings\Friends and Family\Local Settings\Temp\hsperfdata_Friends and Family\2392(A8020005) 11/14/2006 8:43 AM Antivirus monitoring was turned on 11/14/2006 4:26 AM Antivirus monitoring was turned off 11/14/2006 4:19 AM Successfully updated signatures from: SS(1.10.1832.5), BS(1.10.1651.0), Eng(1.1.1609.0) to: SS(1.10.1833.6), BS(1.10.1651.0), Eng(1.1.1609.0) at: 11/14/2006 4:19:21 AM 11/13/2006 8:08 PM Antivirus monitoring was turned on 11/13/2006 7:44 PM Antivirus monitoring was turned off 11/13/2006 8:46 AM Antivirus Scan was Cancelled Scanned Items: C:\ Scan StartTime: 11/13/2006 08:40:49 Scan EndTime: 11/13/2006 08:46:44 Total Number of Files Scanned: 6423 Total Number of Files Not Scanned: 3 Total Number of Infected Files Found: 0 Total Number of Files Cleaned: 0 Total Number of Files Quarantined: 0 Total Number of Files Still Infected But Blocked: 0 11/13/2006 8:44 AM Windows Live OneCare Antivirus could not scan a file on your computer. FileName: C:\Documents and Settings\Friends and Family\Local Settings\Temp\hsperfdata_Friends and Family\2392(A8020005) 11/13/2006 8:41 AM Windows Live OneCare Antivirus could not scan a file on your computer. FileName: C:\pagefile.sys(A8020020) 11/13/2006 8:41 AM Windows Live OneCare Antivirus could not scan a file on your computer. FileName: C:\hiberfil.sys(A8020020) 11/13/2006 8:00 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->web.exe->(FSG-v2.0) VirusName: TrojanDownloader:Win32/Clagger.G Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/13/2006 8:00 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Worker.class VirusName: Trojan:Java/Classloader.F Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/13/2006 8:00 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Beyond.class VirusName: TrojanDownloader:Win32/Femad.K Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/13/2006 8:00 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Gummy.class VirusName: Trojan:Java/Classloader.D Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/13/2006 8:00 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->Counter.class VirusName: Java/Bytverify Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success 11/13/2006 8:00 AM Windows Live OneCare found a virus on your computer FileName: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip Contained Object: C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip->VerifierBug.class VirusName: Java/Bytverify Infection was found by On Demand Scan: (ANTIVIRUS_ONDEMAND_INFECTED) Disinfection Result: Blocked Success

#8 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 15 November 2006 - 05:46 AM

:clap: Finally!!!!!! I can't believe it! It didn't shut down! After all this time :geezer: I finally got it! PcPitstops anitvirus says: The Trj/Banker.CZI Virus was found in file C:\Documents and Settings\Monty\Application Data\Sun\Java\Deployment\cache\javapi\v1.0\jar\arc.zip-39152db7-123b8b12.zip So, if Windows Live One Care says I have 6 different ones and you say I have 1 how do I get rid of it or them? I don't entirely trust Live One Care. I mean it's told me this before but it can't do anything but block the files it thinks are infected. Any advice anyone? Thanks!

#9 Juliet

Juliet

    Advanced Member

  • Trusted Malware Techs
  • 22,185 posts
  • Gender:Female


Posted 15 November 2006 - 07:29 AM

:sparkle:Since so many of the infections were found in your Java files, to me it means you haven't updated Java to the newest version....
Also temp files may or may not have been deleted in a good while.


Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:
  • Download the latest version of Java Runtime Environment (JRE) 5.0 Update 9.
  • Scroll down to where it says ""Java Runtime Environment (JRE) 5.0 Update 9".".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
    Go to Start > Control Panel double-click on the Software icon > add/remove programs.
    Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
    It should have next icon next to it: Posted Image
    Select it and click Remove.
  • Close any programs you may have running - especially your web browser.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-1_5_0_09-windowsi586-p.exe to install the newest version.


Download: CCleaner (freeware)
http://www.majorgeek...wnload4191.html
Run the installer, and uncheck the option to install Yahoo toolbar (unless you want Yahoo toolbar).
Once installed, run CCleaner click the Windows [tab]
Select the following:
Posted Image
Next: click Options click the Settings tab
Uncheck: "Only delete files older than 48 hrs.", click Ok
Then click Run Cleaner (bottom right) then Exit
Note: Please do NOT use the Applications tab or the Issues icon. Keep to the Cleaner icon and the Windows tab

Try the above and scan again. This may not be a cure but a start to solve the problems.
Also read this thread about a program called Bootsafe, for those who cannot go into Safemode.
http://forums.pcpits...howtopic=115364
Please do not PM me for HJT help, we all benefit from posting on the open board.

MS - MVP Consumer Security 2009 - 2014

#10 ineedhelpregularly21

ineedhelpregularly21

    SFRECONLRRPOMFGD33LTA

  • Anti-Spyware Brigade
  • 2,994 posts
  • Gender:Male
  • Location:Philippines


Posted 15 November 2006 - 08:37 AM

hmm... i see you are infected with too many viruses, after updating Java and doing instructions from Juliet, download and run HJT, and post the log to the Hijackthis log forums...
MSDNAA member

#11 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 15 November 2006 - 10:01 AM

I've worked with this thing ALL day long trying to get something scanned enough to find any names, files anything. Finally, got Ad-Aware to scan and clean up some things but it took several attempts. I didn't get to try your suggestion but will do.

thanks


I did this finally.

Thanks

#12 dasudevil

dasudevil

    Advanced Member

  • Advanced Member
  • 422 posts

Posted 15 November 2006 - 02:07 PM

do you all think a reg cleaner like regcure may help? I know CCleaner has one however i found it not as effective. I use both personally Also what about removing the live care and installing some free virus scanners at download.com or majorgeeks.com? If your not happy with the program y would you still keep it?

#13 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 15 November 2006 - 09:03 PM

:sparkle:Since so many of the infections were found in your Java files, to me it means you haven't updated Java to the newest version....
Also temp files may or may not have been deleted in a good while.


Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update.

Updating Java:

  • Download the latest version of Java Runtime Environment (JRE) 5.0 Update 9.
  • Scroll down to where it says ""Java Runtime Environment (JRE) 5.0 Update 9".".
  • Click the "Download" button to the right.
  • Check the box that says: "Accept License Agreement".
  • The page will refresh.
  • Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
    Go to Start > Control Panel double-click on the Software icon > add/remove programs.
    Search in the list for all previous installed versions of Java. (J2SE Runtime Environment.... )
    It should have next icon next to it: Posted Image
    Select it and click Remove.
  • Close any programs you may have running - especially your web browser.
  • Repeat as many times as necessary to remove each Java versions.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-1_5_0_09-windowsi586-p.exe to install the newest version.
Download: CCleaner (freeware)
http://www.majorgeek...wnload4191.html
Run the installer, and uncheck the option to install Yahoo toolbar (unless you want Yahoo toolbar).
Once installed, run CCleaner click the Windows [tab]
Select the following:
Posted Image
Next: click Options click the Settings tab
Uncheck: "Only delete files older than 48 hrs.", click Ok
Then click Run Cleaner (bottom right) then Exit
Note: Please do NOT use the Applications tab or the Issues icon. Keep to the Cleaner icon and the Windows tab

Try the above and scan again. This may not be a cure but a start to solve the problems.
Also read this thread about a program called Bootsafe, for those who cannot go into Safemode.
http://forums.pcpits...howtopic=115364


Hi Juliet,

Thanks a lot! I did get to do everything you said to do today except rescan. I will rescan with pcpitstops antivirus tonight before I go to sleep.
I don't know really if it's gotten better though. I did attempt to run TrendMicro's free scan but after 3 hours and it said it still had 4 1/2 to go I stopped it. When I got home tonight it shut down so I'm not sure just how much better. I'm getting ready to run the ultimate test that will tell me without a doubt.

I hope I'll be able to work a little more on it tomorrow morning.

Thanks again!

#14 Juliet

Juliet

    Advanced Member

  • Trusted Malware Techs
  • 22,185 posts
  • Gender:Female


Posted 16 November 2006 - 08:41 AM

:sparkle: Taking a closer look over your scan findings.....
web or web.exe - Process Name: W32.Gokar.A@mm

Trj/Banker.CZI Virus -- Trojan detected as Banker.CZI

I think it would be in your best interest to have a Trusted Advisor look through your machine for remnants that could be hanging on...
Especially since one that was found could be a bank info stealer... Trj/Banker.CZI
Follow the link below and post a HJTlog in the proper forum for assistance.


Before Posting Your Hijackthis Log - Read This!
Please do not PM me for HJT help, we all benefit from posting on the open board.

MS - MVP Consumer Security 2009 - 2014

#15 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 24 November 2006 - 09:01 AM

hmm... i see you are infected with too many viruses, after updating Java and doing instructions from Juliet, download and run HJT, and post the log to the Hijackthis log forums...



It's the day after Thanksgiving and I finally got to do this. I posted my HiJack This log just a few minutes ago under HJT Finally!

Thanks for your help!

#16 ineedhelpregularly21

ineedhelpregularly21

    SFRECONLRRPOMFGD33LTA

  • Anti-Spyware Brigade
  • 2,994 posts
  • Gender:Male
  • Location:Philippines


Posted 25 November 2006 - 03:26 AM

Oh, update 10 for Java is out :P
MSDNAA member

#17 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 25 November 2006 - 10:13 AM

Oh, update 10 for Java is out :P


Thanks, I am going to go get that update. Meanwhile, I tried running Spybot but my computer keeps shutting down :boxing: and I did get to run HiJack This and posted my log but no one is touching it. I don't have a clue what to do. :huh: :blink:

Thanks

#18 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 25 November 2006 - 09:20 PM

Thanks, I am going to go get that update. Meanwhile, I tried running Spybot but my computer keeps shutting down :boxing: and I did get to run HiJack This and posted my log but no one is touching it. I don't have a clue what to do. :huh: :blink:

Thanks


I went to the Java website and it didn't show an updated program. It only showed the latest .9 version.

#19 ineedhelpregularly21

ineedhelpregularly21

    SFRECONLRRPOMFGD33LTA

  • Anti-Spyware Brigade
  • 2,994 posts
  • Gender:Male
  • Location:Philippines


Posted 25 November 2006 - 11:05 PM

It's here: http://www.majorgeek...ment_d4648.html
MSDNAA member

#20 redhawkeagle

redhawkeagle

    Member

  • Members
  • 50 posts

Posted 27 November 2006 - 11:03 AM

It's here: http://www.majorgeek...ment_d4648.html



Hello ineedhelp,

I went last night and updated Java. But yesterday I was finally able to download and run Spybot Search & Destroy. However, when it first started and was trying to download the updates it hung up so I restarted it. Then I ran it again and I was able to complete the scan. The curious thing was that the only critical results it came up with all had to do with Windows Live One Care. 9 instances of the registry being changed and it all looked like it was dealing with the notifying of the anitvirus and firewall being disabled. I'm not sure now if that was what was originally the problem or if the virus somehow was able to trick me into turning off all the notifications and stuff.

Windows Live One Care still comes up when I click the icon in the taskbar and everything looks okay. Am I just getting paranoid now?

By the way, I tried to run a full antivirus scan from PCPitstop last night and my computer shut down again. I also posted a HiJackThis log the day after Thanksgiving.

Help! What is going on?! I'm ready to just trash this thing. :crash: :rofl2: :pullhair: :help: :thud:

Any assistance would be greatly appreciated!

Thanks,
redhawkeagle




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users