tomcerami
asked on
Virus Bomb:vmain.clas and jvmimpro.jar-6b13a7e7-54ebfdaa.zip
Running XP professional sp2
norton antivirus quarantined 2 files
jvmimpro.jar-6b13a7e7-54eb
vmain.class
I removed all versions of java and then followed these instructions:
Updating Java:
Download the latest version of Java Runtime Environment (JRE) 6u3
http://java.sun.com/javase/downloads/index.jsp
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check for any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version.
Computer still sending out hundreds of icmp packets.
Attached hijackthis log file below.
Thanks,
Tommy
norton antivirus quarantined 2 files
jvmimpro.jar-6b13a7e7-54eb
vmain.class
I removed all versions of java and then followed these instructions:
Updating Java:
Download the latest version of Java Runtime Environment (JRE) 6u3
http://java.sun.com/javase/downloads/index.jsp
Scroll down to where it says "The J2SE Runtime Environment (JRE) allows end-users to run Java applications".
Click the "Download" button to the right.
Check the box that says: "Accept License Agreement".
The page will refresh.
Click on the link to download Windows Offline Installation with or without Multi-language and save to your desktop.
Close any programs you may have running - especially your web browser.
Go to Start > Control Panel double-click on Add/Remove programs and remove all older versions of Java.
Check for any item with Java Runtime Environment (JRE or J2SE) in the name.
Click the Remove or Change/Remove button.
Repeat as many times as necessary to remove each Java version.
Reboot your computer once all Java components are removed.
Then from your desktop double-click on the download to install the newest version.
Computer still sending out hundreds of icmp packets.
Attached hijackthis log file below.
Thanks,
Tommy
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
I think we might be ok here...I just tested with my network team and the icmp pings are not happening anymore. If you have the time to take a quick look at the files posted just to confirm?
You are truly a guru...Thanks again!!!!!
Tommy
You are truly a guru...Thanks again!!!!!
Tommy
Tommy,
Thanks! It's good to know that the problem seems to be resolved.
I'm more than happy to check the logs but there isn't any attached here.
Have you attached them? or is my IE playing up, :(
I've also looked at EE-Stuff and no files there from this question.
Thanks! It's good to know that the problem seems to be resolved.
I'm more than happy to check the logs but there isn't any attached here.
Have you attached them? or is my IE playing up, :(
I've also looked at EE-Stuff and no files there from this question.
Firefox also doesn't display the attachments, so it must be something malfuntioning on EE pages.
I can't see the attached log in your Title which I could yesterday.
Can you just paste the logs as a comment? or upload the logs at EE-Stuff.com.
Thanks.
I can't see the attached log in your Title which I could yesterday.
Can you just paste the logs as a comment? or upload the logs at EE-Stuff.com.
Thanks.
ASKER
combofix file attached
new hjackthis file attached
- Much Thx !...