General discussion

Java/openStream Virus "Help"

HI,
MIcron laptop,winXP PRO,750Hz 192 Ram 20 gig I have incounted a Java Virus,witch I can not delete,I tried
with Spybot,cws,adware,housecall,panda and none would
delete this Virus. Went to add/remove pro,and deleted
sun/java,re-booted and ran all the programs again,still
there.Also ran AVG and could not do anything with it.
Anybody have a fix for this Virus. Thanks for your time.

Andy

Discussion is locked

Follow
Reply to: Java/openStream Virus "Help"
PLEASE NOTE: Do not post advertisements, offensive materials, profanity, or personal attacks. Please remember to be considerate of other members. If you are new to the CNET Forums, please read our CNET Forums FAQ. All submitted content is subject to our Terms of Use.
Reporting: Java/openStream Virus "Help"
This post has been flagged and will be reviewed by our staff. Thank you for helping us maintain CNET's great community.
Sorry, there was a problem flagging this post. Please try again now or at a later time.
If you believe this post is offensive or violates the CNET Forums' Usage policies, you can report it below (this will not automatically remove the post). Once reported, our moderators will be notified and the post will be reviewed.
Comments
- Collapse -
Hi Andy

Move the file directly into the AVG Virus Vault. Scan again using updated AVG.

Once AVG scan is clean and if you are using Windows ME or Windows XP, it is recommended to turn off System Restore:

For WindowsME

1. Click Start, Settings, and then click Control Panel.
2. Double-click the System icon. The System Properties dialog box appears.

NOTE: If the System icon is not visible, click "View all Control Panel options" to display it.

3. Click the Performance tab, and then click File System.
4. Click the Troubleshooting tab, and then check Disable System Restore.
5. Click OK. Click Yes, when you are prompted to restart Windows.

For WindowsXP

NOTE: These instructions assume that you are using the default Windows XP Start Menu and have not changed to the Classic Start menu. To re-enable the default menu, right-click Start, click Properties, click Start menu (not Classic) and then click OK.

1. Click Start.
2. Right-click the My Computer icon, and then click Properties.
3. Click the System Restore tab.
4. Check "Turn off System Restore" or "Turn off System Restore on all drives"
5. Click Apply.
6. When turning off System Restore, the existing restore points will be deleted. Click Yes to do this.
7. Click OK.

- Collapse -
HI Donna

Thanks for the info, I did all that,I did shut down Restore and AVG would not let me put it into the vault.
or do anything with. My AVG is up to date,that's why I
went into add/renove and deleted sun/java,but it didn't
help.

ANDY

- Collapse -
I suggest that you do the following:

Empty temporary internet files
Start>Run type %temp%
Hit OK. Delete all items in the folder that will appear in your screen.

Go for online scan using Panda ActiveScan - http://www.pandasoftware.es/activescan/activescan-com.asp

Download anti-trojan (any of the following)
1. a2 free - http://www.emsisoft.com/en/ (it detects TrojanDownloader.Java.OpenStream.c

Info on this Java malware at http://www.trendmicro.com/vinfo/virusencyclo/default5.asp?VName=JAVA_BYTEVER.C

2. The Cleaner Pro 30 days trial - http://www.moosoft.com
3. TrojanHunter - http://www.misec.net/ (trial)

Make sure to update the program before running a scan.

Actually, you do not need to uninstall Sun Java. You only need to get rid of the infected file which is also (maybe) located in the cache of Sun Java. Emptying its cache can be done Happy

- Collapse -
I have done the following

Hi,
The only thing that I have not done is to clean the cache
in Sun/java, as I don't know how.I ran all the security
programs and the only one that is showing that I have a
trojan is AVG,and avg will not do anything with this file. Do you have any other programs that I can use to
fix this problem. Thanks for your time
PS it takes time as I have dial up.
Andy

- Collapse -
Andy

To clear the cache of Sun Java:
Start>Control Panel>Other Control Panel>Java Plug-in. Select Cache tab then click "Clear" button.

Please tell us by posting here the exact location of the infected file which AVG flagged an infection but failed to heal or move in virus vault.

- Collapse -
Donna

I don't have sun jave in control panel,don't forget I
deleted it before.Do you want me to install it again?

Avg, says it's in Doc/set/andy/apps

Thanks Andy

- Collapse -
If you only want

to install it again, you may install it. If sites that you visit requires Java, you need it.

As for the location of the infected file, try this:

Boot to safe mode
Go to the location of the file then delete the infected file while you are in Safe mode.

- Collapse -
Hi Donna

I got rid of it with SpySubtract, but I don't understand
why all the other's could not remove this virus.Only
AVG and Housecalls showed that I had a virus but could
not get rid of it. The rest of them did not show anything.
Thanks a lot for all your help...........Andy

- Collapse -
SpySubtract Antispyware has CWShredder
- Collapse -
Thank you

Now all that's left, is to clean out all the downloads
and run sfc /scannow to be sure that I didn't delete
something that I shouldn't have. It's runing a little
slow now. Have a nice day..........Andy

- Collapse -
(NT) (NT) Don't forget to defrag the system in safe mode Andy :)
- Collapse -
(NT) (NT) Will do, And thank you
- Collapse -
to remove this virus with the help of AVG 7.0:

i read through and he's already clean, but went through more than he really had to in order to do it -- and some unecessary steps also...

moving the file to the vault is not necessary...most of the time i have come into contact with people contracting this virus they have gone into a chatroom using parachat or a room that is hosted by them...

removal of this virus is quite simple...(oh, and though there are 2 infected files in the scan and the report only says one exists that is for one is a zip archive and the other is a file within that zipped archive...you also want to delete the corresponding .idx file just to keep things tidy)

after you have received an infected scan, minimize AVG and then make sure your windows settings allows view of hidden files in windows...

then back to avg: on the screen that has the avg test results (says virus detected in big letters, you have already seen it) and it tells you number of files and counts down the seconds, click results button, click on the infected ZIP file first, then show file...explorer will open up to that directory and have the file highlighted, simply delete it (that removes both infected files since you're deleting the directory)...then after deletion it should automatically highlight the corresponding IDX file, delete it to keep things tidy and exit...

now you're clean...

if you have already closed out the final window in AVG, just go to the test results screen, highlight the file and go from there with the rest...

- Collapse -
this virus

you really should use AVG free virus protect, its one of the best around. it checks all the files and can heal mostly any thing. double click on to c: drive go to TOOLS-FOLDER OPTIONS-VIEW. allow yourself access to all hidden files. read them all carefully. unless your logged onto windows as administrater, you wont be abl to access your systems volume folder.all of the faded files are what you inabled. leave the window open with your virus path and click on all the folders till you get to the virus. DONT CLICK ON THR VIRUS and leave that window open and to the side on the screen so you can see it. then go to my computer-double click c:drive. on the top left you shold see your VIRUS VAULT. right click on the virus and cut and paste it to your vaultas quick as you can. deleate the virus from there by running a full systems check again. if you do it any other way the virus will most likely reinstate itself some where else'well?at least the worms do that'. and tracking a virus threw the matrics of your comptr sucks. GOOD LIKE AND HAPPY HUNTING??? oh! and you might need winrar to see some files?

CNET Forums

Forum Info