Please help, I've got the Shinwow.Q trojan!

Discussion in 'malware problems & news' started by newbieGuy, Aug 17, 2005.

Thread Status:
Not open for further replies.
  1. newbieGuy

    newbieGuy Guest

    Well, earlier today, I got an alert saying that my computer had detected the Java.Shinwow.Q virus, and the Java.ByteVerify.exploit! (the exclamation point was in the name of the virus) trojans. They were both located in my Local Settings/Temp folder in a file called amc0000.tmp. My antivirus program, eTrust Antivirus, was unable to remove/delete the files. I tried several times deleting them the "normal" way, by sending them to the recycle bin, and then removing them "completely" from there. A refresh of the Temp folder usually showed the file was back again. I deleted the JAR cache and the temporary files from my Java Control Panel, ran the scan a few more times and got varying results. First off, there where three viruses, 2 bytevarifies, and 1 shinwow. 1 shinwow was "quarantined" the other 2 files had a status of "infected". I ran the scan again, after doing some fiddling and I ended up with 4 viruses, 2 each of the bytevarify and shinwow variety. 1 of each was successfully quarantined. I ran the scan a final time and no viruses have been found, however the file, amc0000.tmp that was corrupted is still present in the temp folder. Am I in the clear, or has my virus scanner been tricked? Sorry about the long post, I just wanted to give as much detail as possible. I'm sure this is a question that has probably been answered several times over, but I looked on the site and couldn't find an effective remedy for my problem. Any help is much appreciated. Thanks a lot everyone, in advance. :)
     
  2. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    Hey newbieGuy, welcome to Wilders!

    Have you tried scanning with an anti-trojan such as Ewido?
     
  3. newbieGuy

    newbieGuy Guest

    Thanks Capp. I ran the ewido scan, and a handful of spyware programs got caught, but the scan passed over the folder that had contained the virus without any trouble, so I guess I'm ok! Thanks again for your help. :cool:
     
  4. Capp

    Capp Registered Member

    Joined:
    Oct 16, 2004
    Posts:
    2,125
    Location:
    United States
    Glad to help :)

    It's always best to keep a layered protection for your system. Such as an Anti-virus, Anti-Trojan, a few anti-spyware apps, etc..
     
  5. ravin

    ravin Registered Member

    Joined:
    May 2, 2003
    Posts:
    241
    Location:
    South Carolina
  6. WhereTheBeef

    WhereTheBeef Guest

    Have had absolute tons of those type of infections when using sun java...not knocking sun java just saying it like it really is. In many cases by simply running MRUBLASTER which cleans the temp folders on re-boot the viruses would be cleaned. The cleaning has to be done on re-boot because the files are in use.
    Any AV will offer protection from these. But don't be surprised if the AV can't clean the viruses either........but just about any temp cleaner will do the trick.
     
Loading...
Thread Status:
Not open for further replies.