java virus?

W????n

AVG tells me that these three are viruses:

getaccess.class
insecuredclassloader.class
installer.class

They are located in a hidden folder in app
data\sun\java\deployment\cache\javap:\v1.0\classload.jar41\****viruses****

When I click for more info it tells me that there are windows updates
available to prevent the abuse of this java weakness, however, I have all
updates and AVG still lists it as viruses.

What is the consensus on this situation if anyone knows?
 
David H. Lipman

Delete the classload.jar41 file or directory.

Also..

start --> settings --> control panel --> java

Clear the Java cache.

Then perform the following...

1) Download the following two items...

Trend Sysclean Package
http://www.trendmicro.com/download/dcs.asp

Latest Trend signature files.
http://www.trendmicro.com/download/pattern.asp

Create a directory.
On drive "C:\"
(e.g., "c:\New Folder")
or the desktop
(e.g., "C:\Documents and Settings\lipman\Desktop\New Folder")

Download SYSCLEAN.COM and place it in that directory.
Download the signature files (pattern files) by obtaining the ZIP file.
For example: lpt307.zip

Extract the contents of the ZIP file and place the contents in the same directory as
SYSCLEAN.COM.

2) If you are using WinME or WinXP, disable System Restore
http://vil.nai.com/vil/SystemHelpDocs/DisableSysRestore.htm
3) Reboot your PC into Safe Mode
4) Using the Trend Sysclean utility, perform a Full Scan of your platform and
clean/delete any infectors found
5) Restart your PC and perform a "final" Full Scan of your platform
6) If you are using WinME or WinXP, Re-enable System Restore and re-apply any
System Restore preferences, (e.g. HD space to use suggested 400 ~ 600MB),
7) Reboot your PC.
8) If you are using WinME or WinXP, create a new Restore point
9) Please report back your results

Dave





 
W????n


David,

The results of the scan, which took a long time, were negative.

Seems to be a very thorough scanner, however.

What is with the access denied areas that did not get scanned?

Thanks again.

The results are as follows:



/--------------------------------------------------------------\
| Trend Micro Sysclean Package |
| Copyright 2002, Trend Micro, Inc. |
| http://www.trendmicro.com |
\--------------------------------------------------------------/


2004-12-19, 10:16:10, Auto-clean mode specified.
2004-12-19, 10:16:10, Running scanner "C:\Documents and Settings\Do Not D
L anything\Desktop\New Folder\TSC.BIN"...
2004-12-19, 10:18:32, Scanner "C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder\TSC.BIN" has finished running.
2004-12-19, 10:18:32, TSC Log:

Damage Cleanup Engine (DCE) 3.8(Build 1019)
Windows XP(Build 2600: Service Pack 2)

Start time : Sun Dec 19 2004 10:16:10

Load Damage Cleanup Template (DCT) "C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder\tsc.ptn" (version 469) [success]

Complete time : Sun Dec 19 2004 10:18:32
Execute pattern count(1582), Virus found count(0), Virus clean count(0),
Clean failed count(0)

2004-12-19, 10:18:59, An error occurred while scanning file "C:\Documents
and Settings\Do Not D L anything\NTUSER.DAT": Access is denied.
2004-12-19, 10:18:59, An error occurred while scanning file "C:\Documents
and Settings\Do Not D L anything\NTUSER.DAT.LOG": Access is denied.
2004-12-19, 10:19:31, An error occurred while scanning file "C:\Documents
and Settings\Do Not D L anything\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat": Access is denied.
2004-12-19, 10:19:31, An error occurred while scanning file "C:\Documents
and Settings\Do Not D L anything\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
2004-12-19, 10:20:27, An error occurred while scanning file "C:\Documents
and Settings\NetworkService\NTUSER.DAT": Access is denied.
2004-12-19, 10:20:27, An error occurred while scanning file "C:\Documents
and Settings\NetworkService\ntuser.dat.LOG": Access is denied.
2004-12-19, 10:20:27, An error occurred while scanning file "C:\Documents
and Settings\NetworkService\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat": Access is denied.
2004-12-19, 10:20:27, An error occurred while scanning file "C:\Documents
and Settings\NetworkService\Local Settings\Application
Data\Microsoft\Windows\UsrClass.dat.LOG": Access is denied.
2004-12-19, 12:09:00, An error was detected on "C:\System Volume
Information\*.*": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\default": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\default.LOG": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\SAM": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\SAM.LOG": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\SECURITY": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\SECURITY.LOG": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\software": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\software.LOG": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\system": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\system.LOG": Access is denied.
2004-12-19, 12:22:12, Running scanner "C:\Documents and Settings\Do Not D
L anything\Desktop\New Folder\VSCANTM.BIN"...
2004-12-19, 12:59:57, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/19/2004 12:22:13
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 307 (81821 Patterns) (2004/12/17) (230700)
Command Line: C:\Documents and Settings\Do Not D L anything\Desktop\New
Folder\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C
/ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder

55202 files have been read.
55202 files have been checked.
33307 files have been scanned.
53130 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/19/2004 12:59:57
---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-19, 12:59:57, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/19/2004 12:22:13
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 307 (81821 Patterns) (2004/12/17) (230700)
Command Line: C:\Documents and Settings\Do Not D L anything\Desktop\New
Folder\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C
/ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder

55202 files have been read.
55202 files have been checked.
33307 files have been scanned.
53130 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/19/2004 12:59:57 37 minutes 40 seconds (2260.71 seconds) has
elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-19, 12:59:57, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/19/2004 12:22:13
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 307 (81821 Patterns) (2004/12/17) (230700)
Command Line: C:\Documents and Settings\Do Not D L anything\Desktop\New
Folder\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C
/ACTIVEACTION=5 C:\*.* /P=C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder

55202 files have been read.
55202 files have been checked.
33307 files have been scanned.
53130 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/19/2004 12:59:57 37 minutes 40 seconds (2260.71 seconds) has
elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-19, 12:59:57, Scanner "C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder\VSCANTM.BIN" has finished running.
2004-12-19, 14:08:47, An error was detected on "D:\System Volume
Information\*.*": Access is denied.
2004-12-19, 14:08:47, Running scanner "C:\Documents and Settings\Do Not D
L anything\Desktop\New Folder\VSCANTM.BIN"...
2004-12-19, 14:11:03, Files Detected:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/19/2004 14:08:48
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 307 (81821 Patterns) (2004/12/17) (230700)
Command Line: C:\Documents and Settings\Do Not D L anything\Desktop\New
Folder\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C
/ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder

2037 files have been read.
2037 files have been checked.
1185 files have been scanned.
1185 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/19/2004 14:11:03
---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-19, 14:11:03, Files Clean:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/19/2004 14:08:48
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 307 (81821 Patterns) (2004/12/17) (230700)
Command Line: C:\Documents and Settings\Do Not D L anything\Desktop\New
Folder\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C
/ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder

2037 files have been read.
2037 files have been checked.
1185 files have been scanned.
1185 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/19/2004 14:11:03 2 minutes 12 seconds (131.52 seconds) has
elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-19, 14:11:03, Clean Fail:
Copyright (c) 1990 - 2004 Trend Micro Inc.
Report Date : 12/19/2004 14:08:48
VSAPI Engine Version : 7.000-1004
VSCANTM Version : 1.1-1001
Virus Pattern Version : 307 (81821 Patterns) (2004/12/17) (230700)
Command Line: C:\Documents and Settings\Do Not D L anything\Desktop\New
Folder\VSCANTM.BIN /NBPM /S /CLEANALL /LAPPEND /LD /LC /LCF /NM /NB /C
/ACTIVEACTION=5 D:\*.* /P=C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder

2037 files have been read.
2037 files have been checked.
1185 files have been scanned.
1185 files have been scanned. (including files in archived)
0 files containing viruses.
Found 0 viruses totally.
Maybe 0 viruses totally.
Stop At : 12/19/2004 14:11:03 2 minutes 12 seconds (131.52 seconds) has
elapsed.

---------*---------*---------*---------*---------*---------*---------*---------*
2004-12-19, 14:11:03, Scanner "C:\Documents and Settings\Do Not D L
anything\Desktop\New Folder\VSCANTM.BIN" has finished running.
 
David H. Lipman

These are actively used files whose file handles are held open by the OS and thus they can't be scanned.

They are: system files, Registry and LOG files. This is to be construed as normal behaviour.

Dave
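
The check described in this reply can be automated when reading a Sysclean log. This is an added example, not part of the original thread: it re-joins the wrapped log entries and separates access-denied paths that are expected on a running system (registry hives, their .LOG files, System Volume Information) from any that deserve a second look. The sample log is constructed in the format of the log posted above; the `user` profile name and the `report.doc` entry are invented for illustration.

```python
import re

# Constructed sample in the format of the Sysclean log quoted in this thread;
# the report.doc entry is invented to show an unexpected denial.
SAMPLE_LOG = r'''2004-12-19, 10:18:59, An error occurred while scanning file "C:\Documents
and Settings\user\NTUSER.DAT": Access is denied.
2004-12-19, 12:09:00, An error was detected on "C:\System Volume
Information\*.*": Access is denied.
2004-12-19, 12:19:05, An error occurred while scanning file
"C:\WINDOWS\system32\config\SAM": Access is denied.
2004-12-19, 12:20:00, An error occurred while scanning file
"C:\Documents and Settings\user\Desktop\report.doc": Access is denied.
2004-12-19, 12:22:12, Running scanner "C:\New Folder\VSCANTM.BIN"...
'''

TIMESTAMP = re.compile(r"^\d{4}-\d{2}-\d{2}, \d{2}:\d{2}:\d{2}, ")
DENIED = re.compile(r'"([^"]+)": Access is denied\.')

# Paths the OS keeps locked or ACL-protected on a running Windows XP system:
# registry hives (and their .LOG files) and the System Restore store.
EXPECTED = [
    re.compile(r"\\(ntuser|usrclass)\.dat(\.log)?$", re.I),
    re.compile(r"\\windows\\system32\\config\\[^\\]+$", re.I),
    re.compile(r"\\system volume information\\", re.I),
]

def join_wrapped(text):
    """Re-join entries that mail/forum wrapping split across lines."""
    entries = []
    for line in text.splitlines():
        if TIMESTAMP.match(line) or not entries:
            entries.append(line)          # a timestamp starts a new entry
        else:
            entries[-1] += " " + line     # continuation of the previous entry
    return entries

def triage(text):
    """Return (expected, unexpected) lists of access-denied paths."""
    expected, unexpected = [], []
    for entry in join_wrapped(text):
        m = DENIED.search(entry)
        if not m:
            continue                      # not an access-denied entry
        path = m.group(1)
        bucket = expected if any(p.search(path) for p in EXPECTED) else unexpected
        bucket.append(path)
    return expected, unexpected
```

Calling `triage(SAMPLE_LOG)` returns the three locked system paths in the first list and the `report.doc` path in the second, which is the one entry worth rescanning from Safe Mode or checking for an open handle.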



 
Roger Wilco

W????n said:
...however, I have all
updates and AVG still lists it as viruses.

AV will detect as malware even things you are immune to. This detection is probably of exploit
code and you may have already patched for the vulnerability it exploits. The AV won't know
(nor will it care) what steps you have taken to increase your security.
 
W????n

Roger Wilco said:
AV will detect as malware even things you are immune to. This detection is probably of exploit
code and you may have already patched for the vulnerability it exploits. The AV won't know
(nor will it care) what steps you have taken to increase your security.

Thx for the info.

Good day
 
