funk.exe ej.exe jar.jar-36170ac6-5a56fe0c.zip

These disapeared and came back.  How do you remove these for sure?

Date      Filename      Virus Name      Virus Type
5/24/2006 17:20      funk.exe      Download.Trojan      File
5/24/2006 17:20      ej.exe      Download.Trojan      File
5/24/2006 17:20      jar.jar-36170ac6-5a56fe0c.zip      ??????      Compressed file
5/24/2006 17:20      Xeyond.class      Downloader.Trojan      File; Compressed file
5/24/2006 17:20      Worker.class      Trojan.ByteVerify      File; Compressed file
5/24/2006 17:20      VerifierBug.class      Trojan.ByteVerify      File; Compressed file
5/24/2006 17:20      Counter.class      Trojan.ByteVerify      File; Compressed file
5/24/2006 17:20      jar.jar-36170ac6-5a56fe0c.zip      Trojan.ByteVerify      File
JohnLucaniaAsked:
Who is Participating?
 
rpggamergirlCommented:
Have you tried deleting them?
Do you have their paths?
funk.exe should show up in hijackthis log, hijackthis can delete the registry key and you can killbox the file.

In the registry run key have you look there?
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
"funk"="C:\WINDOWS\system32\funk.exe "


All viruses in the jar cache can be deleted by emptying the cache or deleting the jar.
From the Start button, click Settings  > Control Panel
In the Control Panel, open the "Java Plug-in Control Panel"
Select the Cache Tab
Click the Clear button inside the Cache Tab, which will clear your JRE cache directory
http://www.java.com/en/download/help/cache_virus.xml
0
 
Purple_SkyCommented:
Lets run the following scans and then look at your hijackthis log.

1-download and install ewido www.ewido.net 
Install Ewido Security Suite
When installing, under "Additional Options" uncheck..
Install background guard
Install scan via context menu
Double-click the icon on Desktop to launch Ewido
You will need to update Ewido to the latest definition files.
On the left hand side of the main screen click update.
Then click on Start Update.
And under scanner do a full system scan

2-Perform an online scan using Internet Explorer with Panda ActiveScan at http://www.pandasoftware.com/products/activescan.htm
click on "Free use ActiveScan" located on the top right hand corner
Click Check Now & a 'pop up' window shall appear. *ensure that your pop up blocker doesn't block it
Enter your e-mail address, country, and state & click Scan Now ...begins downloading 8 MB Panda's ActiveX controls
Begin the scan by selecting My Computer
If it finds any malware, it will offer you a report.
Click on see report. Then click Save report

3-Please perform an online scan with Internet Explorer at Kaspersky Online Scanner www.kaspersky.com

Answer Yes, when prompted to install an ActiveX component.
The program will then begin downloading the latest definition files.
Once the files have been downloaded click on NEXT
Locate the Scan Settings button & configure to:
Scan using the following Anti-Virus database:
Extended
Scan Options:
Scan Archives
Scan Mail Bases
Click OK & have it scan My Computer
Once the scan is complete, it will display if your system has been infected. It does not provide an option to clean/disinfect. We only require a report from it.
Click the Save as Text button to save the file to your desktop so that you may post it in your next reply

Download and run Hjt and save a log file http://www.hijackthis.de/ paste the log file back to that same web site analyze and then save analysis and post the link here.

And let us know with your progress and/or if you have any questions.
0
 
JohnLucaniaAuthor Commented:
It seems ok now.  
figers-crossed!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.