Java-SunJava and CCleaner

My computer appears to be feeling bad...must be some sort of viral infection.

I have read/saved your instructions for the 6 steps that must be followed before posting a hijackthis log. I am in the midst of following those instructions.

My present dilema concerns the java stuff. The info for my version is as follows:
Java(TM) Plug-in: Version 1.4.2
Using JRE version 1.4.2 Java HotSpot(TM) Client VM
User home directory = C:\Documents and Settings\Terrie
Proxy Configuration: No proxy

I downloaded the Java link found on your website. It is for "sunjava." I guess I am showing my ignorance here. Are "java" and "sunjava" the same program--just different versions? If so, then I should uninstall the java already on my puter. If not, then I leave it on, right? :confused

Finally, I understand that I should run the CCleaner under each user while in safemode. Do I run the other programs (spybot, getnew, etc) under each user as well?

Thank you so much for your assistance.

 

The names are different because of a lawsuit that Sun won against Microsoft. Sunjava replaces Java VM. Go to add/remove programs and remove the versions of Java you mention above. Then reboot your computer before installing the version listed in point 6A under the READ & RUN ME. There's a link there where you can download it.

No. Only CCleaner for every user. It's to reduce the amount of time you have to spend on the other scans. Read carefully. Some scans are done in safe mode, some in safe mode with networking if you have that and others in normal mode

abri

 

Abri,

Thank you for explaining the java stuff to me. I finally found a link at java.sun that verified my version and indicated I needed to update. However, it did not explain the differences.

Also, thank you for the scan info on the other programs. Whew! I'm thankful I do not have to run all of the scans under each user.

Guess I'll be busy tonight and will post my findings (if needed) tomorrow. I will probably post them "just to be sure" I have done what is needed.

Thank you again!

 

Use the links in the READ & RUN ME for your downloads where possible.

I know exactly what you mean! - (laughing)

Go ahead and post your logs. Then we can see if your computer is clean or if it needs more work.

Thanks!
abri

 

Here are the logs...Set 1 of 2

This is set one of the logs. Set two will follow in the next message.

I have one oops! I thought I had followed your instructions explicitly but... When I was rereading your instruction page, I realized I had missed the counterspy run. I did run it but after running the two online scans. I hope that does not make much of a difference. Also, I ran all scans (except the getrunkeys, show new, and hijackthis) in safemode.

:confusedI noticed that the same file kept popping up as being deleted by the different scanners...C:/windows/xpudate. (That is the only one that caught my attention.)

:confusedThis is a new issue; "something" has "happened" to my display properties. I cannot change the background setting. All other tabs under the display properties work just fine. I have a calendar program that does use the display but I have completely turned it off and nothing happens.

I also added a screenshot of an entry on my msconfig file. Yesterday, the info contained blocks. Today, the info is blank. What causes the difference?

Thank you for checking this out for me. School will be starting soon and I don't need anything lurking around.

 

Here are the logs...Set 2 of 2

Thank you again for your help. I am anxiously awaiting the verdict and hopefully, the cure.

Note: I just realized that my logs are under my original subject of "java-sunjava and ccleaner." Since my overall problem is not related to java, I wonder if I should have posted these logs under a new thread? Since I can't delete these posts and don't want to cause a problem by posting a new thread, I don't know what to do. Please let me know where I should have posted these last two posts, and if necessary, move them to where you think they should be. Thank you! I'm sorry for the inconvenience.

 

Hi Wuf4Wds!!


Please look in Add/Remove Programs for the following and uninstall them if found:

Viewpoint Media Player
Java 2 Runtime Environment, SE v1.4.2
Viewpoint Manager (Remove Only)
Sunbelt CounterSpy


Then delete the below folders which may be left behind by the uninstall:

C:\Documents and Settings\Terrie\Application Data\Sunbelt Software
C:\Documents and Settings\All Users\Application Data\Sunbelt Software
C:\Program Files\Sunbelt Software

Next, if you don't use it, please remove Windows Messenger using the following:
Disable/Remove Windows Messenger


Now download The AVENGER by Swandog469, and save it to your Desktop.

* Extract avenger.exe from the Zip file and save it to your desktop
* Run avenger.exe by double-clicking on it.
* Check the 'Input script manually' box.
* Click on the magnifying glass icon.
* Copy everything in the Quote box below, and paste it in the box that opens:

Quote:

Please post new logs for
HJT
ShowNew
GetRunKeys

Tell me how your computer is doing.
abri

 

Hi Abri,

I have followed your instructions and the requested files are attached.

As for my computer, it is still on the slow side. It reminds me of how I feel first thing in the morning...struggling with that next step. Also, something has happened to my desktop properties. I only have two color settings and other settings are not working.

I use Windows Messenger; so I left it on the computer. I did remove the Viewpoint media player; however, what was that? (Just curious)

Oh...the avenger ran into some sort of problem. I have copied/pasted that info here for your review.
-------Begin quote-------
File c:\windows\xpupdate.exe not found!
Deletion of file c:\windows\xpupdate.exe failed!

Could not process line:
c:\windows\xpupdate.exe
Status: 0xc0000034

File C:\Documents and Settings\Terrie\Application Data\install.xat deleted successfully.
------End Quote-----

I look forward to hearing from you. This is definitely no time for the computer to be messing up. School is starting. Yikes! Thank you again for helping me.

 

Symantec takes a lot of resources. You might consider removing it and replacing it with AVG and Avast, both free AV programs which are a lot lighter on your computer's resources.

There can be a number of reasons for this which are not related to malware. It's more likely a problem with your graphics card and may have something to do with the games you're using. Please consult the hardware or software forum and see if they can help you. Please note the date when the problem first started.

Viewpoint Media player brings a lot of malware with it. There are other media players that don't.

I think that xpupdate.exe was already gone before Avenger looked for it, that's why it couldn't delete it. It doesn't seem to be there now. It originally showed up in the Panda scan, and if you want to run that again, you can see if it's gone for sure.

It would be a good idea to look through the READ & RUN ME FIRST link to general maintenance. You may need to defrag your computer if you haven't done that for awhile. There are a lot of good tips in there. It's here: Basic computer maintenance everyone should do

Also, please read through How to Protect yourself from malware!


Hope the problems of slowness and color will be worked out soon!
abri

 

Wuf4Wds!

This is one last fix you can do. See if this helps the speed.



Run HijackThis (select Do a system scan only) and select the following lines but DO NOT CLICK FIX until you exit all browser sessions including the one you are reading in right now:
Quote:

After clicking Fix, exit HJT.


Please copy the bold text below to notepad. Save it as fixME.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.


Quote:

Let me know if you see any changes after this!
abri

 

Hi Abri,

I followed your instructions. Things "seem" faster but I have only opened a couple of pages. I guess I really need to work on the computer/internet in order to truly determine the effects of the fix--which I will definitely do.

In the meantime, I have two problems and two questions remaining

Problems:
1. Something has happened to my desktop properties (before I completed any of the advised fixes). Most of my desktop property options are frozen. I only have two color settings, cannot make changes to background properties, etc. I looked on your site and found comments about DWORD. I looked and I am missing the DWORD entries that it referenced. Since I didn't fully understand everything and since you were working with me, I didn't try any of it. Is there a scan I can do to show you these files?
2. My adobe reader updated itself during this process. Now everytime I open a pdf document I receive an error message telling me to enable the adobe internet explorer add-on in order for the page to display properly. I looked at my internet explorer add-ons and they are ALL enabled. What do I do about that?

Questions:
1. Does the hijackthis file show you my internet explorer add-ons? If so, I guess that means the ones that I have are okay, right?
2. What is the ncs1.cab?

Finally,

Thank you! Thank you! Thank you!

 

Hi Wuf4Wds!

Quote:

Copy the contents of the below Quote Box to Notepad. Then click File and then Save As. Change the Save as Type to All Files. Name the file fixme2.reg and then click save. (make sure you save it somewhere you can find it. Saving it to your Desktop may make that easy.) Then double-click on the fixme2.reg file on your desktop (or locate it with Windows Explorer and double click on it if not saved to the Desktop) and when it prompts to Add in to the registry, say yes.
Quote:

Quote:

I would uninstall your current version of Adobe Reader. Once complete, download and install the new version of Adobe.

Adobe Reader 8.1.0

1) The add-ons it shows are ok.
2) It's a control for ActiveX which is not reverse compatible for older versions. If it's needed it will download automatically.


All credit for this fix to Bj! Thanks for the help!

abri