
Java trojan etc. help needed


I've been having slow down issues on Facebook only. All other websites have no problems. Today I ran a deep scan using your anti-malware and it found 20 various trojans etc. all to do with JAVA. Here are the files you have requested. I also installed the newest version of Java today.


Run OTL.exe

  • Copy/paste the following text written inside of the code box into the Custom Scans/Fixes box located at the bottom of OTL
    :OTL
    IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092
    O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
    O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
    O4 - HKLM..\Run: []  File not found
    O20 - HKLM Winlogon: VMApplet - (/pagefile) -  File not found
    O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - CLSID or File not found.
    O33 - MountPoints2\K\Shell - "" = AutoRun
    O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
    [2011/03/11 08:58:26 | 000,010,896 | -HS- | C] () -- C:\ProgramData\3567006381
    [2011/03/11 08:58:26 | 000,010,888 | -HS- | C] () -- C:\Users\Ziggy\AppData\Local\3567006381 
    @Alternate Data Stream - 222 bytes -> C:\ProgramData\Temp:C22674B6
    @Alternate Data Stream - 222 bytes -> C:\ProgramData\Temp:94B46CA2
    @Alternate Data Stream - 215 bytes -> C:\ProgramData\Temp:C15969A6
    @Alternate Data Stream - 204 bytes -> C:\ProgramData\Temp:4673E9EA
    @Alternate Data Stream - 198 bytes -> C:\ProgramData\Temp:A745DB5D
    @Alternate Data Stream - 163 bytes -> C:\ProgramData\Temp:F7E83BDD
    @Alternate Data Stream - 150 bytes -> C:\ProgramData\Temp:260575F1
    @Alternate Data Stream - 137 bytes -> C:\ProgramData\Temp:0AC32449
    @Alternate Data Stream - 134 bytes -> C:\ProgramData\Temp:A02025CE
    @Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:996104FC
    @Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:E1D6C864
    
    :Commands
    [Purity]
    [EmptyFlash]
    [start Explorer]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot when it is done
  • Attach the new log produced by OTL

Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!

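To make the kinds of entries in the fix script above easier to tell apart, here is an added example (not part of the original thread and not OTL's own code) that sorts a few of its lines into categories. The category names and the regular expressions are this example's assumptions about the OTL line layout as it appears in the post; a match only labels the entry type and says nothing about whether the entry is malicious.

```python
import re

# Lines copied from the fix script in the post above.
SAMPLE = r'''
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = http=127.0.0.1:6092
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {604BC32A-9680-40D1-9AC6-E06B23A1BA4C} - No CLSID value found.
O4 - HKLM..\Run: []  File not found
O33 - MountPoints2\K\Shell\AutoRun\command - "" = K:\LaunchU3.exe -a
[2011/03/11 08:58:26 | 000,010,896 | -HS- | C] () -- C:\ProgramData\3567006381
@Alternate Data Stream - 222 bytes -> C:\ProgramData\Temp:C22674B6
@Alternate Data Stream - 104 bytes -> C:\ProgramData\Temp:E1D6C864
'''

# (category, pattern) pairs; first match wins. Labels are this example's own, not OTL's.
RULES = [
    ("loopback-proxy", re.compile(r'"ProxyServer"\s*=\s*(?:\w+=)?(?:127\.\d+\.\d+\.\d+|localhost):(?P<port>\d+)')),
    ("alternate-data-stream", re.compile(r'^@Alternate Data Stream - (?P<size>\d+) bytes -> (?P<host>.+):(?P<stream>[^:\\]+)$')),
    ("mountpoint-autorun", re.compile(r'^O33 - MountPoints2\\(?P<drive>[^\\]+)\\Shell\\AutoRun\\command - "" = (?P<cmd>.+)$')),
    ("hidden-system-file", re.compile(r'^\[[^\]]*\|\s*\S?HS\S?\s*\|[^\]]*\]\s*\(\)\s*--\s*(?P<path>.+)$')),
    ("orphaned-entry", re.compile(r'(?:File not found|No CLSID value found|CLSID or File not found)\.?$')),
]

def triage(text):
    """Return (category, captured fields, line) for every recognised line."""
    findings = []
    for raw in text.splitlines():
        line = raw.strip()
        for category, pattern in RULES:
            m = pattern.search(line)
            if m:
                findings.append((category, m.groupdict(), line))
                break
    return findings

def summarize(findings):
    """Count findings per category."""
    counts = {}
    for category, _, _ in findings:
        counts[category] = counts.get(category, 0) + 1
    return counts

if __name__ == "__main__":
    for category, fields, _ in triage(SAMPLE):
        print(f"{category:22} {fields}")
```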

I did what you asked. Then I assumed (although you didn't say to) ran the OTL.exe scan again same as earlier to get log. I didn't see a log from what you told me to do.

Anyway, here it is. If that was wrong, then advise.


Still having same problem of Facebook being slow. Only website I have a problem with. Slow when typing comments, slow scrolling through page, very slow streaming posted videos (however when I view same video on Youtube they play fine)

I guess the easy fix would be to stay off of FB. LOL


OK, let's see if we can figure out what is going on.

Download ComboFix from one of these locations:

Save as Combo-Fix.exe during the download. ComboFix must be renamed before you download to your Desktop

Link 1

Link 2

* IMPORTANT !!! Save Combo-Fix to your Desktop

  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
    See HERE for help
  • Double click on ComboFix.exe & follow the prompts.
  • As part of its process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
  • Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.

**Please note: (This applies to Windows XP systems only) If the Microsoft Windows Recovery Console is already installed, ComboFix will continue its malware removal procedures.

[Image: RcAuto1.gif]

Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:

[Image: whatnext.png]

Click on Yes, to continue scanning for malware.

When finished, ComboFix will produce a log.

Note:

1. Do not mouse-click ComboFix's window while it's running. That may cause it to stall!

2. Remember to re-enable your anti-virus and anti-spyware before reconnecting to the Internet.


Attach logs for:

  • ComboFix (C:\combofix.txt)

Let me know of any problems you may have encountered with the above instructions and also let me know how things are running now!


I disabled AVG, downloaded Combofix, attempted to run Combofix. Combofix window popped up and said that it could not run with AVG installed and that I had to uninstall AVG. I REALLY don't want to have to do that, if I don't have to.

I apologize, I know you're trying to help and it's very appreciated.


Unfortunately AVG interferes with ComboFix and it will have to be uninstalled in order for ComboFix to work. There are other tools I can use but none of them are as powerful and effective as ComboFix.


I uninstalled AVG. Rebooted. Attempted to run Combofix, this time it tells me again to disable AVG 2011 (hard to do when it's not installed) also says to disable Adaware. I've tried several times over the last few months to get rid of Adaware as I had some problems the last time I used it. It doesn't seem to be able to be removed in its current state. I want to get my antivirus back up as soon as possible.


Thread Closed

Reason: Lack of Response

PM either ShadowPuterDude, SpySentinel, or JeanInMontana to have this thread reopened.

The procedures contained in this thread are for this user and this user only. Attempting to use the instructions in this thread on your system could result in damaging the Operating System beyond repair. Do Not use any of the tools mentioned in this thread without the supervision of a Malware Removal Specialist.

All posters requesting Malware Removal assistance are required to follow all procedures in the thread titled START HERE; if you don't, we are just going to send you back to this thread.
