WiredWX Christian Hobby Weather Tools
Zafi.B and Browser Hijack

HELP!!!

I can't begin removal of Zafi.B because it keeps redirecting my IE browser. I'm actually typing this by being logged into a remote server. I can't even go to Lavasoft to download the newest version of Ad-Aware.

Please help get this crappy Zafi.B off my computer ASAP!

Re: Zafi.B and Browser Hijack

Please read here and post a Hijack This log.
http://www.geekpolice.net/malware-removal-hijackthis-logs-f11/read-this-before-posting-t3821.htm

............................................................................................

Site Admin / Security Administrator

Virus Removal ~ OS Support ~ Have we helped you? Help us! ~ GeekChat
- Please PM me if I fail to respond within 24hrs.

Re: Zafi.B and Browser Hijack

I can't do any of this stuff! My browser will not let me.

Re: Zafi.B and Browser Hijack

Okay, try this.


  • Please download DDS by sUBs to your Desktop (Important!!) from one of these locations:
    Link 1
    Link 2
    Link 3
  • Double click DDS.scr to run
  • When complete, DDS.txt will open.
  • Click No for Optional Scan.
  • Save the report to your Desktop.
  • Copy and paste DDS.txt back here, I don't need to see attach.txt.

Re: Zafi.B and Browser Hijack

I can't do anything on my machine because the browser keeps saying "Internet Explorer cannot display the webpage". Remember, I'm connected to this website only because I'm logged on remotely to my server at work and using its Internet Explorer to access your website.

I tried copying the links above into my address bar on my PC and into the Start, Run menu and I get the same results. Thanks for your help.

Re: Zafi.B and Browser Hijack

Let's run a rootkit.
Use the second link for the avenger here, it shouldn't be blocked.

1. Please download The Avenger by Swandog46 to your Desktop
Link: HERE or HERE.

  • Click on Avenger.zip to open the file
  • Extract avenger.exe to your desktop

2. Now, start The Avenger program by clicking on its icon on your desktop.

  • Leave the script box empty.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on the Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
3. Please copy/paste the content of c:\avenger.txt into your reply.

Re: Zafi.B and Browser Hijack

**This freaked me out. It went to a blue screen then said a fatal error had occurred. I had to log back on and this text was on my desktop. Please tell me your website is legit.




Logfile of The Avenger Version 2.0, (c) by Swandog46
http://swandog46.geekstogo.com

Platform: Windows XP

*******************

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:

Rootkit scan active.

Hidden driver "TDSSserv.sys" found!
ImagePath: \systemroot\system32\drivers\TDSSmaxt.sys
Driver disabled successfully.

Rootkit scan completed.


Completed script processing.

*******************

Finished! Terminate.

Re: Zafi.B and Browser Hijack

Hello.
Yeah, sadly the rootkit doesn't like to be removed without causing more problems.
I don't think we did any damage as the rootkit is disabled now, so let's kill it off.

2. Copy all the text contained in the code box below to your Clipboard by highlighting it and pressing (Ctrl+C):


Drivers to delete:
TDSSserv.sys

Files to delete:
C:\WINDOWS\system32\drivers\TDSSmaxt.sys


Note: the above code was created specifically for this user. If you are not this user, do NOT follow these directions as they could damage the workings of your system.


3. Now, start The Avenger program by clicking on its icon on your desktop.

  • Under "Input script here:", paste in the script from the quote box above.
  • Leave the ticked box "Scan for rootkit" ticked.
  • Then tick "Disable any rootkits found"
  • Now click on the Execute to begin execution of the script.
  • Answer "Yes" twice when prompted.

    The Avenger will automatically do the following:

  • It will Restart your computer.
  • On reboot, it will briefly open a black command window on your desktop, this is normal.
  • After the restart, it creates a log file that should open with the results of Avenger’s actions. This log file will be located at C:\avenger.txt
  • The Avenger will also have backed up all the files, etc., that you asked it to delete, and will have zipped them and moved the zip archives to C:\avenger\backup.zip.
4. Please copy/paste the content of c:\avenger.txt into your reply.

Please post the DDS log now, the links will work.

Re: Zafi.B and Browser Hijack

Script file opened successfully.
Script file read successfully.

Backups directory opened successfully at C:\Avenger

*******************

Beginning to process script file:




Rootkit scan active.
No rootkits found!

Driver "TDSSserv.sys" deleted successfully.
File "C:\WINDOWS\system32\drivers\TDSSmaxt.sys" deleted successfully.

Completed script processing.


**Very frustrated. After this, the fake security center message immediately popped up and my browser is doing the same thing. The weird thing is after the "proceed without protection" message I get, now I can go to the sites I couldn't go to earlier, i.e. Lavasoft.
*******************

Finished! Terminate.

Re: Zafi.B and Browser Hijack

Yes, I know, it will do and will keep doing it until we remove the problem.
Just stay with me on this and we'll remove it together.

Please run DDS now, the links will work.

Re: Zafi.B and Browser Hijack

C:\WINDOWS\system32\svchost -k DcomLaunch
svchost.exe
C:\WINDOWS\System32\svchost.exe -k netsvcs
svchost.exe
svchost.exe
C:\WINDOWS\system32\spoolsv.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\PROGRA~1\AVG\AVG8\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Juniper Networks\Common Files\dsNcService.exe
C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
C:\WINDOWS\System32\svchost.exe -k imgsvc
C:\PROGRA~1\AVG\AVG8\avgrsx.exe
C:\PROGRA~1\AVG\AVG8\avgemc.exe
C:\WINDOWS\Explorer.EXE
C:\Program Files\iTunes\iTunesHelper.exe
C:\Program Files\QuickTime\qttask.exe
C:\Program Files\Common Files\Real\Update_OB\realsched.exe
C:\Documents and Settings\Dillion\Application Data\Google\cijwg16225165.exe
C:\Program Files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
C:\WINDOWS\system32\wuauclt.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\iPod\bin\iPodService.exe
C:\Program Files\Internet Explorer\IEXPLORE.EXE
C:\WINDOWS\system32\mstsc.exe
C:\Program Files\AVG\AVG8\avgtray.exe
C:\Program Files\Outlook Express\msimn.exe
C:\Documents and Settings\Dillion\Local Settings\Temporary Internet Files\Content.IE5\TCGI2M0P\dds[1].scr

============== Pseudo HJT Report ===============

uStart Page = hxxp://www.google.com/
uSearch Page = hxxp://www.google.com
uSearch Bar = hxxp://www.google.com/ie
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Settings,ProxyOverride = *.local
uSearchAssistant = hxxp://www.google.com/ie
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
mSearchAssistant = hxxp://www.google.com/ie
uURLSearchHooks: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
BHO: Adobe PDF Reader Link Helper: {06849e9f-c8d7-4d59-b87d-784b7d6be0b3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\program files\real\realplayer\rpbrowserrecordplugin.dll
BHO: AVG Safe Search: {3ca2f312-6f6e-4b53-a66e-4e65e497c8c0} - c:\program files\avg\avg8\avgssie.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
BHO: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\4.1.805.4472\swg.dll
TB: AVG Security Toolbar: {a057a204-bacc-4d26-9990-79a187e2698e} - c:\progra~1\avg\avg8\AVGTOO~1.DLL
TB: Yahoo! Toolbar: {ef99bd32-c1fb-11d2-892f-0090271d4f88} -
EB: {32683183-48a0-441b-a342-7c2a440a9478} - No File
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [iTunesHelper] "c:\program files\itunes\iTunesHelper.exe"
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [TkBellExe] "c:\program files\common files\real\update_ob\realsched.exe" -osboot
mRun: [realteke] "c:\documents and settings\dillion\application data\google\cijwg16225165.exe" 2
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
IE: {e2e2dd38-d088-4134-82b7-f2ba38496583} - %windir%\Network Diagnostic\xpnetdiag.exe
IE: {FB5F1910-F110-11d2-BB9E-00C04F795683} - c:\program files\messenger\msmsgs.exe
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC} - c:\program files\java\jre1.6.0_01\bin\ssv.dll
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg8\avgpp.dll
AppInit_DLLs: avgrsstx.dll

============= SERVICES / DRIVERS ===============

R1 AvgLdx86;AVG Free AVI Loader Driver x86;c:\windows\system32\drivers\avgldx86.sys [2009-1-21 97928]
R1 AvgMfx86;AVG Free On-access Scanner Minifilter Driver x86;c:\windows\system32\drivers\avgmfx86.sys [2009-1-21 26824]
R4 avg8emc;AVG Free8 E-mail Scanner;c:\progra~1\avg\avg8\avgemc.exe [2009-1-21 875288]
R4 avg8wd;AVG Free8 WatchDog;c:\progra~1\avg\avg8\avgwdsvc.exe [2009-1-21 231704]
R4 AvgTdiX;AVG Free8 Network Redirector;c:\windows\system32\drivers\avgtdix.sys [2009-1-21 76040]
S3 trid3d;trid3d;c:\windows\system32\drivers\trid3dm.sys [2006-7-6 222336]

=============== Created Last 30 ================

2009-01-21 05:31 --d-h--- C:\$AVG8.VAULT$
2009-01-21 05:26 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-01-21 05:26 76,040 a------- c:\windows\system32\drivers\avgtdix.sys
2009-01-21 05:26 97,928 a------- c:\windows\system32\drivers\avgldx86.sys
2009-01-21 05:26 --d----- c:\windows\system32\drivers\Avg
2009-01-21 05:26 --d----- c:\docume~1\dillion\applic~1\AVGTOOLBAR
2009-01-21 05:26 --d----- c:\program files\AVG
2009-01-21 05:26 --d----- c:\docume~1\alluse~1\applic~1\avg8
2009-01-19 06:40 6,066,176 -c------ c:\windows\system32\dllcache\ieframe.dll
2009-01-19 06:40 2,455,488 -c------ c:\windows\system32\dllcache\ieapfltr.dat
2009-01-19 06:40 991,232 -c------ c:\windows\system32\dllcache\ieframe.dll.mui
2009-01-19 06:40 459,264 -c------ c:\windows\system32\dllcache\msfeeds.dll
2009-01-19 06:40 383,488 -c------ c:\windows\system32\dllcache\ieapfltr.dll
2009-01-19 06:40 267,776 -c------ c:\windows\system32\dllcache\iertutil.dll
2009-01-19 06:40 63,488 -c------ c:\windows\system32\dllcache\icardie.dll
2009-01-19 06:40 52,224 -c------ c:\windows\system32\dllcache\msfeedsbs.dll
2009-01-19 06:40 13,824 -c------ c:\windows\system32\dllcache\ieudinit.exe
2009-01-19 06:36 --d----- c:\windows\network diagnostic
2009-01-19 06:36 33,792 ac------ c:\windows\system32\dllcache\custsat.dll
2009-01-18 20:49 --d----- c:\windows\system32\CatRoot_bak
2009-01-18 20:49 272,128 -c------ c:\windows\system32\dllcache\bthport.sys
2009-01-18 20:47 331,776 -c------ c:\windows\system32\dllcache\msadce.dll
2009-01-18 11:29 54,843 a------- c:\windows\Sysvxd.exe
2009-01-18 09:52 2,204 a------- c:\windows\system32\TDSSfpmp.dll
2009-01-18 09:52 441 a------- c:\windows\system32\TDSSosvn.dat
2009-01-18 09:49 --d----- c:\docume~1\dillion\applic~1\Yahoo

==================== Find3M ====================

2009-01-06 10:10 4,348 a------- c:\windows\system32\d3d9caps.dat
2008-12-11 05:57 333,184 a------- c:\windows\system32\drivers\srv.sys
2008-10-24 19:55 4,124 a------- c:\windows\system32\d3d8caps.dat

============= FINISH: 10:31:04.58 ===============
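
An added example, not part of the thread and not code from DDS or its author: a short Python triage pass over the DDS log above that flags autoruns launching from a user profile data directory and recently created files carrying the `TDSS` name prefix that the Avenger log reported. The profile-directory rule, the 8.3 alias table and all function names are assumptions made for illustration.

```python
import re

# Subset of lines copied from the DDS log posted in this thread.
SAMPLE_DDS = r"""
uRun: [swg] c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe
uRun: [ctfmon.exe] c:\windows\system32\ctfmon.exe
mRun: [QuickTime Task] "c:\program files\quicktime\qttask.exe" -atboottime
mRun: [realteke] "c:\documents and settings\dillion\application data\google\cijwg16225165.exe" 2
mRun: [AVG8_TRAY] c:\progra~1\avg\avg8\avgtray.exe
2009-01-21 05:26 10,520 a------- c:\windows\system32\avgrsstx.dll
2009-01-21 05:26 --d----- c:\docume~1\dillion\applic~1\AVGTOOLBAR
2009-01-18 09:52 2,204 a------- c:\windows\system32\TDSSfpmp.dll
2009-01-18 09:52 441 a------- c:\windows\system32\TDSSosvn.dat
2009-01-18 09:49 --d----- c:\docume~1\dillion\applic~1\Yahoo
"""

# 8.3 aliases as they appear in this log. The mapping is an assumption that
# holds for a default XP install; on a live system ask the OS to resolve them.
SHORT_NAMES = {
    "docume~1": "documents and settings",
    "applic~1": "application data",
    "locals~1": "local settings",
    "progra~1": "program files",
}

# Name prefix of the hidden driver and image path reported by The Avenger.
NAME_PREFIX = "tdss"

# "uRun"/"mRun" autorun lines: per-user and machine-wide Run keys.
RUN_RE = re.compile(r"^(?P<hive>[um])Run: \[(?P<name>[^\]]*)\] (?P<cmd>.+)$")
# "Created Last 30" lines: date, time, optional size, 8 attribute flags, path.
CREATED_RE = re.compile(
    r"^(?P<date>\d{4}-\d{2}-\d{2}) \d{2}:\d{2} (?:[\d,]+ )?[-a-z]{8} (?P<path>.+)$")
# Executable part of a command line, quoted or unquoted (paths may hold spaces).
CMD_RE = re.compile(r'"([^"]+)"|(.+?\.(?:exe|com|scr|bat|cmd|pif))(?:\s|$)', re.I)
# Per-user, user-writable locations under an XP profile (heuristic, assumed).
PROFILE_RE = re.compile(
    r"^[a-z]:\\documents and settings\\[^\\]+\\(?:application data|local settings)\\")


def normalise(path):
    """Lower-case a Windows path and expand the 8.3 aliases listed above."""
    parts = path.strip().strip('"').lower().split("\\")
    return "\\".join(SHORT_NAMES.get(part, part) for part in parts)


def image_path(cmd):
    """Return the executable path from an autorun command line, minus arguments."""
    m = CMD_RE.match(cmd.strip())
    return (m.group(1) or m.group(2)) if m else cmd.strip()


def triage(log_text):
    """Return (rule, detail) pairs for log lines that deserve manual review."""
    findings = []
    for line in log_text.splitlines():
        line = line.strip()
        m = RUN_RE.match(line)
        if m:
            target = normalise(image_path(m["cmd"]))
            if PROFILE_RE.match(target):
                hive = "HKLM" if m["hive"] == "m" else "HKCU"
                findings.append(("autorun-from-profile",
                                 f"{hive} Run [{m['name']}] -> {target}"))
            continue
        m = CREATED_RE.match(line)
        if m:
            path = normalise(m["path"])
            if path.rsplit("\\", 1)[-1].startswith(NAME_PREFIX):
                findings.append(("name-prefix", f"{m['date']} {path}"))
    return findings


if __name__ == "__main__":
    for rule, detail in triage(SAMPLE_DDS):
        print(f"{rule:22} {detail}")
```

A flagged line is a prompt for manual review rather than a verdict, since legitimate software also starts from profile directories.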

Re: Zafi.B and Browser Hijack

Okay, this will finish it off, the alerts will stop after this is done.

Please download the OTMoveIt3 by OldTimer.

  • Save it to your desktop.
  • Please double-click OTMoveIt3.exe to run it.
  • Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):


    :files
    c:\windows\system32\TDSSfpmp.dll
    c:\windows\system32\TDSSosvn.dat
    C:\avenger
    C:\avenger.txt
    C:\Documents and Settings\Dillion\Application Data\Google\*.*

    :reg
    [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
    "realteke"=-

    :commands
    [purity]
    [emptytemp]


  • Return to OTMoveIt3, right click in the "Paste instructions for items to be Moved" window (under the light blue bar) and choose Paste.
  • Click the red Moveit! button.
  • Copy everything in the Results window (under the green bar) to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose copy), and paste it in your next reply.
  • Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose Yes.

Please post the OTMoveIt log.

Re: Zafi.B and Browser Hijack

========== FILES ==========
File/Folder c:\windows\system32\TDSSfpmp.dll not found.
File/Folder c:\windows\system32\TDSSosvn.dat not found.
File/Folder C:\avenger not found.
File/Folder C:\avenger.txt not found.
File/Folder C:\Documents and Settings\Dillion\Application Data\Google\*.* not found.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\\realteke deleted successfully.
========== COMMANDS ==========
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R117.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R11B.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R11F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R123.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R127.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R12B.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R12F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R133.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R143.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R147.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R14B.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R14F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R153.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R157.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R15B.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R15F.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R59.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R5D.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R61.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R65.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R69.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R6D.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R71.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R75.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@RC5.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@RC9.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@RCD.tmp scheduled to be deleted on reboot.
File delete failed. C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@RD1.tmp scheduled to be deleted on reboot.
User's Temp folder emptied.
User's Temporary Internet Files folder emptied.
User's Internet Explorer cache folder emptied.
Local Service Temp folder emptied.
File delete failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be deleted on reboot.
Local Service Temporary Internet Files folder emptied.
Windows Temp folder emptied.
Java cache emptied.
Temp folders emptied.

OTMoveIt3 by OldTimer - Version 1.0.8.0 log created on 01212009_133229

Files moved on Reboot...
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R117.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R11B.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R11F.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R123.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R127.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R12B.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R12F.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R133.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R143.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R147.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R14B.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R14F.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R153.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R157.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R15B.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R15F.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R59.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R5D.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R61.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R65.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R69.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R6D.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R71.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@R75.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@RC5.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@RC9.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@RCD.tmp moved successfully.
C:\DOCUME~1\Dillion\LOCALS~1\Temp\Z@RD1.tmp moved successfully.
File move failed. C:\Documents and Settings\LocalService\Local Settings\Temporary Internet Files\Content.IE5\index.dat scheduled to be moved on reboot.




~~Looks like they may have stopped. Do I need to delete all of the things I downloaded to help this problem, i.e. Avenger, DDS?

I'm not really computer savvy and really paranoid about this stuff, so forgive me if these are stupid questions.

Re: Zafi.B and Browser Hijack

Hello.
Yes, delete the tools, the infection should be gone now.

Your version of Java is outdated and needs to be updated to take advantage of fixes that have eliminated security vulnerabilities.
Updating Java:

  • Download the latest version of Java SE Runtime Environment (JRE) 6 Update 11.
  • Select the first option where it says "Java SE Runtime Environment (JRE) 6 Update 11".
  • Click the "Download" button to the right.
  • In the Window that opens, select your platform and language, check the "agree" box, and click Continue.
  • Click on the link to download Windows Offline Installation and save to your desktop.
  • Close any programs you may have running - especially your web browser.
  • Go to Start > Control Panel, double-click on Add or Remove Programs and remove all older versions of Java.
  • Check any item with Java Runtime Environment (JRE or J2SE) in the name.
    - Examples of older versions in Add or Remove Programs:
    - Java 2 Runtime Environment, SE v1.4.2
    - J2SE Runtime Environment 5.0
    - J2SE Runtime Environment 5.0 Update 2
  • Click the Remove or Change/Remove button.
  • Repeat as many times as necessary to remove each Java version.
  • Reboot your computer once all Java components are removed.
  • Then from your desktop double-click on jre-6u11-windows-i586-p.exe that you downloaded to install the newest version.
Please make sure the new version of Java is installed before you run JavaRa.

Please download JavaRa from here

  • First, unzip it.
  • Then run JavaRa.
  • Select English from the drop down menu and press Select.
  • This will open JavaRa.
  • Press Remove older versions
  • Press yes to the prompt.
  • It will make a log file of what it's removed.
  • Copy and paste the log back here.

Re: Zafi.B and Browser Hijack

Since this issue has been addressed, a "solved" tag will be added and this topic will be closed.

If you need this topic reopened, please contact a staff member. This applies only to the original topic starter.

Everyone else, please open a new topic for your questions.

............................................................................................

Please be a GeekPolice fan on Facebook!

Have we helped you? Help us! | Doctor by day, ninja by night.
