Java/byte verify virus....newbie here

Discussion in 'malware problems & news' started by Aceshigh24, Dec 28, 2004.

Thread Status:
Not open for further replies.
  1. Aceshigh24

    Aceshigh24 Registered Member

    I've been looking at other posts on here about how to get rid of these 3 viruses or whatever they're called....the only thing is that what I'm reading is that I have to go to my control panel and click on java plug in.....the only thing is, when I click on my control panel there is no java plug in....I'm using XP.....so if there is any other way to get rid of these... that would be greatly appreciated from you guys....thank you so much, I'm in big need of this
  2. ronjor

    ronjor Global Moderator

    Aceshigh24

    Switch to the classic view in control panel and see if it shows up.
  3. Aceshigh24

    Aceshigh24 Registered Member

    OK, I see it now......thank you so much, so now all I do is go to cache and just hit clear to clear everything out of there, or is there another step I have to do to get rid of this stuff?
  4. ronjor

    ronjor Global Moderator

    You can clear the cache. Set it to 0 while you are there, restart, and rescan your computer. If it still shows up, turn off system restore, restart and rescan.
    Turn on system restore when through.
  5. Aceshigh24

    Aceshigh24 Registered Member

    OK, I'll try it and I'll get back to you....thank you so much, hope this works
  6. Aceshigh24

    Aceshigh24 Registered Member

    OK, no cheese....they came back when I restarted the computer and did the scan again......so any other suggestions?
  7. ronjor

    ronjor Global Moderator

    Do you have Sun Java or Microsoft Java?
  8. Aceshigh24

    Aceshigh24 Registered Member

    I'm not sure, I don't think I have Microsoft 'cause when I go to the command prompt and type in jview nothing comes up.....where would I go or how can I tell which one I have?
  9. ronjor

    ronjor Global Moderator

    Attached Files:

  10. Aceshigh24

    Aceshigh24 Registered Member

    Yes, that's what it looks like
  11. ronjor

    ronjor Global Moderator

  12. Primrose

    Primrose Registered Member

    Re: ....newbie here

    Is it AVG antivirus telling you that you are infected with Java/byte verify virus? If so, do you have the old AVG 6 version or have you recently installed the new AVG 7 version?

    If not, you need that version ASAP in any case.

    see here
    http://forum.gladiator-antivirus.com/index.php?showtopic=19735


    AVG, when it scans, will tell you where it is finding that trojan..so if you tell us where, then we can help you better.

    and also

    It is recommended that you do a couple of things after a serious infection.

    Just to be sure.

    Clear out your Temporary internet files and other temp files. Go to Start > Settings > Control Panel >
    Internet Options. Under the General tab click the Delete temporary internet files,
    choose to delete all Offline content. Clear out Cookies.

    Also, go to Start > Find/search > Files or folders > in the named box, type: *.tmp and choose Edit > select all ->
    File > delete.

    Empty the contents of the C:\Windows\temp folder and C:\temp folder, if you have one.

    This one too if Win2K or XP.
    C:\Documents and Settings\username\Local Settings\Temp\

    Empty the Recycle Bin.

    This will result in your having to re-enter passwords at forums, banks, and the like.

    A small price to pay if it gets rid of any bad guys.

    Flush your restore points in ME and XP, by turning System Restore off and then back on.
    This will create a fresh restore point.

    Explained here:
    http://service1.symantec.com/SUPPORT/tsgeninfo.nsf/docid/2001111912274039

    Also, if you have Sun Java installed, its cache should be cleared too.
    > control panel java-plugin > cache tab > hit clear!
    And make sure you have the latest version if you have Sun Java.


    Adjust your security settings for ActiveX:
    a. Go to Internet Options/Security/Internet, press 'default level', then OK.
    Now press "Custom Level."
    In the ActiveX section, set/click the options as follows:
    Download signed ActiveX controls > prompt
    Download unsigned ActiveX controls > disable
    Initialize and Script ActiveX controls not marked as safe > disable
    b. In your Restricted Sites Zone set everything that can be to "disable". Set anything that cannot be disabled to "prompt".
    c. Never add any site to your Trusted Sites Zone.

    I would also recommend, in your own self-defense and to reduce the potential for spyware infection in the future, installing both SpywareBlaster and SpywareGuard.

    SpywareBlaster and SpywareGuard are by JavaCool and both are free programs. SpywareBlaster will prevent spyware from being installed and consumes no system resources. SpywareGuard offers realtime protection from spyware installation and browser hijack attempts. Both have free ongoing updates.

    More info and download is available at:
    SpywareBlaster: http://www.majorgeeks.com/download.php?det=2859
    SpywareGuard: http://www.majorgeeks.com/download.php?det=3045

    Maybe consider this as well:
    IE-SPYAD puts over 5000 sites in your restricted zone, so you'll be protected when you visit
    innocent-looking sites that aren't really innocent at all.
    http://www.spywarewarrior.com/uiuc/resource.htm
    Also some info on that page to tighten your IE security.

    Be sure to also keep up with Windows and IE updates.

    Windows security and critical updates.
    http://v4.windowsupdate.microsoft.com/en/default.asp

    Internet Explorer security and critical updates.
    http://www.microsoft.com/windows/ie/default.asp

    Keep all of these programs updated, it's free.
  13. Aceshigh24

    Aceshigh24 Registered Member

    Yes I am using version 7….it is showing that they are located in

    C:\documents and settings\my name\local settings\temporary internet files\content.IE5\vb51dxtm\classload[1].zip\insecureclassloader.class

    The other ones are installer.class and blackbox.class
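
Added example, not part of the original thread: the Python below walks a cache folder and reports every archive that contains one of the three class names listed in the post above, a quick way to confirm the detections sit only in the browser cache before and after it is cleared. The sample cache folder (`SAMPLE01`) and the archive contents are constructed placeholders.

```python
import os
import tempfile
import zipfile

# Class names AVG reported in this thread (matched case-insensitively).
FLAGGED = {"insecureclassloader.class", "installer.class", "blackbox.class"}


def scan_cache(root):
    """Return sorted (archive_path, entry_name) pairs for flagged classes."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            # Archives may be .zip or .jar: test the content, not the extension.
            if not zipfile.is_zipfile(path):
                continue
            try:
                with zipfile.ZipFile(path) as archive:
                    for entry in archive.namelist():
                        if entry.rsplit("/", 1)[-1].lower() in FLAGGED:
                            hits.append((path, entry))
            except (zipfile.BadZipFile, OSError):
                continue  # truncated or locked cache file: skip it
    return sorted(hits)


def build_sample_cache(root):
    """Constructed sample data: a fake cache folder with placeholder files."""
    sub = os.path.join(root, "Content.IE5", "SAMPLE01")
    os.makedirs(sub)
    with zipfile.ZipFile(os.path.join(sub, "classload[1].zip"), "w") as z:
        for cls in ("InsecureClassLoader.class", "Installer.class", "BlackBox.class"):
            z.writestr(cls, b"placeholder, not real class data")
    with zipfile.ZipFile(os.path.join(sub, "applet[1].jar"), "w") as z:
        z.writestr("com/example/Clock.class", b"placeholder")
    with open(os.path.join(sub, "page[1].htm"), "w") as f:
        f.write("<html></html>")


def demo():
    """Scan the constructed cache; return (archive file name, entry) pairs."""
    with tempfile.TemporaryDirectory() as root:
        build_sample_cache(root)
        return [(os.path.basename(p), e) for p, e in scan_cache(root)]


if __name__ == "__main__":
    print("\n".join(f"{a}: {e}" for a, e in demo()))
```

To check a real machine, call `scan_cache()` on the Temporary Internet Files path shown in the scan report; an empty result after clearing the cache means no archive with those class names remains there.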
  14. Primrose

    Primrose Registered Member

    What I posted above will clean them out

    and you should always do this too

    Basic Cleanup
    Start>Programs>Accessories>System Tools>Disk Cleanup

    But it is different steps if you have WinXP

    see this link and it has screenshots to guide you.

    http://www.theeldergeek.com/disk_cleanup_utility.htm
  15. Aceshigh24

    Aceshigh24 Registered Member

    So do you think if I follow all these steps that maybe I will be able to get rid of them? They say that they're embedded. Does that mean that I can't get rid of them?
  16. Primrose

    Primrose Registered Member

    You mean embedded like you see here in the first post ?? ;)


    http://forum.gladiator-antivirus.com/index.php?showtopic=21548&hl=installer\.class

    No, you can clean them..and in fact you can even run your AVG 7 in the safe mode of your PC and do a cleaning that way.


    But if your AVG states that you are infected in other file areas like system32..then you should post a hijack log in that Gladiator forum..just like that person did, and someone will help you there.
  17. Aceshigh24

    Aceshigh24 Registered Member

    Understandable....I'm only seeing that they are located in the same folders and I don't see any in system32, so I'm hoping that me cleaning this out will help out....so you recommend that if this doesn't work that I go into safe mode and run AVG to see if it shows up again, or should I just run it again and see if they show up?
  18. Primrose

    Primrose Registered Member

    Do the above..reboot and then scan again..if that does not solve your problem then yes.. scan in the safe mode.
  19. Aceshigh24

    Aceshigh24 Registered Member

    OK, one more thing for you....I'm trying to delete all the files in the temp folders under local settings and under windows...but it won't let me....it's giving me that "error deleting that file" message....any suggestions?
  20. Primrose

    Primrose Registered Member

    If you are doing it with the disk clean up tool..then reboot and do it again..but the important one is the temporary Internet folder and you can do those also in the safe mode.
  21. Aceshigh24

    Aceshigh24 Registered Member

    Wait, am I supposed to delete the temp files from the disk cleanup? 'Cause I was just doing it by highlighting everything and just hitting delete.....if I need to restart I will though
  22. Primrose

    Primrose Registered Member

    sure..if you need anything in there it will be loaded again..
  23. Aceshigh24

    Aceshigh24 Registered Member

    OK, so here's my new deal.....first I would like to say thank you for your help....I have effectively gotten rid of the viruses but the only problem is that I think they have affected certain aspects of my computer....example....when I try to open Internet Explorer it takes at least 45 seconds for it to open....same with My Computer or any folder that I have created on my desktop....any other program is OK....AOL works fine, any games work fine....it's just Internet Explorer and any other folder.....do you know how I can go about getting this fixed or is there pretty much nothing I can do...thanks again
  24. Blackspear

    Blackspear Global Moderator

    If you find Windows system files affected, you can place your Windows CD in the drive, click Start > Run, type in CMD, and when the black window opens type in "sfc /scannow". SFC (System File Checker, a part of Windows File Protection) will replace any changed/damaged system files with a clean copy. SFC may not solve every problem, but it's a good start that anyone can do.

    Once your system is clean you should take a look here: Why did I get infected in the first place? Also, for further discussions on security and how to make your system that much stronger, see here and here

    Hope this helps...

    Let us know how you go.

    Cheers :D
  25. Primrose

    Primrose Registered Member

    So now defrag your hard drive and if you still have problems post your HijackThis log in that Gladiator forum ;)
    Last edited: Dec 29, 2004