
Java Exploit/ btyverify trojan


Comments

  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    Thanks - That looks ok.

    Run aswMBR as below & post that log. Download it from the link below and save it to your desktop.

    http://public.avast.com/~gmerek/aswMBR.exe

    When you've downloaded it...
    • Double click aswMBR.exe to run it.
    • If prompted, click YES to scan with Avast! virus definitions.
    • Set the AVscan to Quick Scan & click the Scan button.
    • After the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
    • Click OK when prompted. aswMBR.txt & MBR.dat will appear on your desktop.
    • Click EXIT.
    • Copy & paste the contents of aswMBR.txt here.
    Should it report something, don't try to fix anything with it yet, just post the log.

    I'm going out for a bit now but will take a look later.
  • Dunwunderin
    Dunwunderin Posts: 163 Forumite
    waddler_8 wrote: »
    Thanks - That looks ok.

    Run aswMBR as below & post that log. Download it from the link below and save it to your desktop.

    http://public.avast.com/~gmerek/aswMBR.exe

    When you've downloaded it...
    • Double click aswMBR.exe to run it.
    • If prompted, click YES to scan with Avast! virus definitions.
    • Set the AVscan to Quick Scan & click the Scan button.
    • After the scan reports "Scan finished successfully", click Save log & save the log to your desktop.
    • Click OK when prompted. aswMBR.txt & MBR.dat will appear on your desktop.
    • Click EXIT.
    • Copy & paste the contents of aswMBR.txt here.
    Should it report something, don't try to fix anything with it yet, just post the log.

    I'm going out for a bit now but will take a look later.
    swMBR version 0.9.9.1665 Copyright(c) 2011 AVAST Software
    Run date: 2012-06-30 11:42:32
    11:42:32.448 OS Version: Windows x64 6.1.7601 Service Pack 1
    11:42:32.448 Number of processors: 2 586 0x170A
    11:42:32.448 ComputerName: PETER-PC UserName: Peter
    11:42:38.627 Initialize success
    11:45:42.780 AVAST engine defs: 12063000
    11:45:52.300 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IdeDeviceP1T0L0-1
    11:45:52.315 Disk 0 Vendor: WDC_WD6400AAKS-22A7B2 01.03B01 Size: 610480MB BusType: 3
    11:45:52.331 Disk 0 MBR read successfully
    11:45:52.331 Disk 0 MBR scan
    11:45:52.347 Disk 0 Windows 7 default MBR code
    11:45:52.378 Disk 0 Partition 1 80 (A) 07 HPFS/NTFS NTFS 9500 MB offset 2048
    11:45:52.393 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 600978 MB offset 19458048
    11:45:52.440 Disk 0 scanning C:\Windows\system32\drivers
    11:46:12.590 Service scanning
    11:46:52.264 Modules scanning
    11:46:52.264 Disk 0 trace - called modules:
    11:46:52.264 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS intelide.sys
    11:46:52.264 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xfffffa80032e8410]
    11:46:52.264 3 CLASSPNP.SYS[fffff8800181743f] -> nt!IofCallDriver -> [0xfffffa80031b7520]
    11:46:52.264 5 ACPI.sys[fffff88000ec27a1] -> nt!IofCallDriver -> \Device\Ide\IdeDeviceP1T0L0-1[0xfffffa80031a2060]
    11:46:54.698 AVAST engine scan C:\Windows
    11:47:00.180 AVAST engine scan C:\Windows\system32
    11:52:26.228 AVAST engine scan C:\Windows\system32\drivers
    11:53:13.401 AVAST engine scan C:\Users\Peter
    12:06:25.816 AVAST engine scan C:\ProgramData
    12:14:03.260 Scan finished successfully
    12:14:48.173 Disk 0 MBR has been saved successfully to "C:\Users\Peter\Desktop\MBR.dat"
    12:14:48.189 The log file has been saved successfully to "C:\Users\Peter\Desktop\aswMBR.txt"

    Hope I have done this right! I don't see any infections?
  • waddler_8
    waddler_8 Posts: 3,588 Forumite
    That all looks good. Run a quick scan with Malwarebytes after you've updated it - If it doesn't detect anything then I'd say you're good to go.

    Post the contents of attach.txt, the other log produced when you ran DDS.
  • -TangleFoot-
    -TangleFoot- Posts: 4,673 Forumite
    Hi,
    Can't follow because I am using W7
    There are three ways to do this once you've got the Control Panel open:
    • Click Programs, then Java (32-bit)
    • Type 'java' into the search box in the upper right-hand corner
    • Select something other than 'Category' from the View by menu.
    Windows has been hiding third-party applets from people since Windows XP. ;)
  • Dunwunderin
    Dunwunderin Posts: 163 Forumite
    waddler_8 wrote: »
    That all looks good. Run a quick scan with Malwarebytes after you've updated it - If it doesn't detect anything then I'd say you're good to go.

    Post the contents of attach.txt, the other log produced when you ran DDS.
    Malware Bytes and Norton found nothing on scanning

    .
    UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
    IF REQUESTED, ZIP IT UP & ATTACH IT
    .
    DDS (Ver_2011-08-26.01)
    .
    Microsoft Windows 7 Home Premium
    Boot Device: \Device\HarddiskVolume1
    Install Date: 26/05/2010 16:59:59
    System Uptime: 30/06/2012 07:59:43 (11 hours ago)
    .
    Motherboard: Foxconn | | G31MX-K
    Processor: Pentium(R) Dual-Core CPU E5400 @ 2.70GHz | Socket 775 | 1188/200mhz
    .
    ==== Disk Partitions =========================
    .
    C: is FIXED (NTFS) - 587 GiB total, 475.775 GiB free.
    D: is CDROM ()
    F: is Removable
    G: is Removable
    H: is Removable
    I: is Removable
    J: is FIXED (NTFS) - 466 GiB total, 63.911 GiB free.
    .
    ==== Disabled Device Manager Items =============
    .
    ==== System Restore Points ===================
    .
    RP792: 23/06/2012 17:12:59 - Removed Skype™ 5.5
    RP793: 23/06/2012 17:18:19 - Revo Uninstaller's restore point - Skype Click to Call
    RP794: 23/06/2012 17:20:11 - Revo Uninstaller's restore point - Safari
    RP795: 23/06/2012 17:27:44 - Installed Java(TM) 7 Update 5
    RP796: 23/06/2012 17:29:19 - Installed JavaFX 2.1.1
    RP797: 23/06/2012 17:32:26 - Revo Uninstaller's restore point - JavaFX 2.1.1
    RP798: 23/06/2012 17:32:49 - Removed JavaFX 2.1.1
    RP799: 25/06/2012 22:16:50 - Installed iTunes
    RP800: 25/06/2012 22:22:51 - Installed QuickTime
    RP801: 25/06/2012 22:35:43 - Revo Uninstaller's restore point - Secunia PSI (2.0.0.3001)
    RP802: 26/06/2012 20:33:59 - Installed Google Earth.
    RP803: 26/06/2012 22:00:28 - Windows Live Essentials
    RP804: 26/06/2012 22:01:20 - Installed DirectX
    RP805: 26/06/2012 22:02:44 - Installed DirectX
    RP806: 26/06/2012 22:08:54 - WLSetup
    RP809: 29/06/2012 20:20:19 - Revo Uninstaller's restore point - Bing Bar
    RP810: 29/06/2012 20:22:11 - Revo Uninstaller's restore point - Google Toolbar for Internet Explorer
    RP807: 29/06/2012 21:19:02 - Revo Uninstaller's restore point - Opera 12.00
    RP808: 29/06/2012 21:24:14 - Revo Uninstaller's restore point - FileHippo.com Update Checker
    RP811: 30/06/2012 11:00:45 - Windows Backup
    .
    ==== Installed Programs ======================
    .
    .
    ABBYY FineReader 6.0 Sprint
    Address Magic Personal
    Adobe AIR
    Adobe Download Manager
    Adobe Flash Player 11 ActiveX
    Adobe Flash Player 11 Plugin
    Adobe Reader X (10.1.3)
    Amazon MP3 Downloader 1.0.9
    Apple Application Support
    Apple Software Update
    BBC iPlayer Desktop
    Belarc Advisor 8.1
    CAMagic Mobile for Bluetooth
    Camera RAW Plug-In for EPSON Creativity Suite
    CDBurnerXP
    D3DX10
    Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition
    EasyBits GO
    EPSON Attach To Email
    EPSON Copy Utility 3
    EPSON Easy Photo Print
    EPSON File Manager
    EPSON Scan
    EPSON Scan Assistant
    EPSON Stylus CX7300_CX8300_DX7400_DX8400 Manual
    Everything 1.2.1.371
    EZ Vinyl/Tape Converter 7.4 by MixMeister
    Feedback Tool
    Google Earth
    Google Update Helper
    Greenshot
    ieSpell
    Internet TV for Windows Media Center
    Java Auto Updater
    Java(TM) 7 Update 5
    Junk Mail filter update
    Magical Jelly Bean KeyFinder
    Malwarebytes Anti-Malware version 1.61.0.1400
    Mesh Runtime
    Messenger Companion
    Microsoft Corporation
    Microsoft Default Manager
    Microsoft Office 2010 Service Pack 1 (SP1)
    Microsoft Office Access MUI (English) 2010
    Microsoft Office Access Setup Metadata MUI (English) 2010
    Microsoft Office Excel MUI (English) 2010
    Microsoft Office Groove MUI (English) 2010
    Microsoft Office InfoPath MUI (English) 2010
    Microsoft Office OneNote MUI (English) 2010
    Microsoft Office Outlook Connector
    Microsoft Office Outlook MUI (English) 2010
    Microsoft Office PowerPoint MUI (English) 2010
    Microsoft Office PowerPoint Viewer 2007 (English)
    Microsoft Office Professional Plus 2010
    Microsoft Office Proof (English) 2010
    Microsoft Office Proof (French) 2010
    Microsoft Office Proof (Spanish) 2010
    Microsoft Office Proofing (English) 2010
    Microsoft Office Publisher MUI (English) 2010
    Microsoft Office Shared MUI (English) 2010
    Microsoft Office Shared Setup Metadata MUI (English) 2010
    Microsoft Office Word MUI (English) 2010
    Microsoft Outlook Social Connector Provider for Windows Live Messenger 32-bit
    Microsoft PowerPoint Viewer 97
    Microsoft Silverlight
    Microsoft SQL Server 2005 Compact Edition [ENU]
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
    Microsoft Visual C++ 2005 Redistributable
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022.218
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
    Mozilla Firefox 13.0.1 (x86 en-US)
    Mozilla Maintenance Service
    Mozilla Thunderbird 13.0.1 (x86 en-US)
    MSVCRT
    MSVCRT_amd64
    MSXML 4.0 SP2 (KB954430)
    MSXML 4.0 SP2 (KB973688)
    MSXML 4.0 SP2 Parser and SDK
    MyHeritage Family Tree Builder
    Norton Internet Security
    OLYMPUS Master 2
    Panda ActiveScan 2.0
    QuickTime
    Rapport
    Realtek Ethernet Controller Driver
    Realtek High Definition Audio Driver
    Revo Uninstaller 1.93
    RoboForm 7-7-8-8 (All Users)
    Secunia PSI (3.0.0.2004)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2160841)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2572078)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2604121)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656351)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656368v2)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2656405)
    Security Update for Microsoft .NET Framework 4 Client Profile (KB2686827)
    Security Update for Microsoft Excel 2010 (KB2597166) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2553091)
    Security Update for Microsoft Office 2010 (KB2553096)
    Security Update for Microsoft Office 2010 (KB2553371) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2589320) 32-Bit Edition
    Security Update for Microsoft Office 2010 (KB2598039) 32-Bit Edition
    Security Update for Microsoft PowerPoint 2010 (KB2553185) 32-Bit Edition
    Security Update for Microsoft SharePoint Workspace 2010 (KB2566445)
    Security Update for Microsoft Visio Viewer 2010 (KB2597981) 32-Bit Edition
    SlimCleaner
    SlimDrivers
    Spotify
    SpywareBlaster 4.6
    TuneUp 2.4.6.4
    Unit Converter
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217)
    Update for Microsoft Office 2010 (KB2553065)
    Update for Microsoft Office 2010 (KB2553092)
    Update for Microsoft Office 2010 (KB2553181) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553267) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553270) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553310) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2553385) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2566458)
    Update for Microsoft Office 2010 (KB2596964) 32-Bit Edition
    Update for Microsoft Office 2010 (KB2597091) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2553290) 32-Bit Edition
    Update for Microsoft OneNote 2010 (KB2589345) 32-Bit Edition
    Update for Microsoft Outlook 2010 (KB2553248) 32-Bit Edition
    Update for Microsoft Outlook Social Connector 2010 (KB2553406) 32-Bit Edition
    Visual C++ 2008 x86 Runtime - (v9.0.30729)
    Visual C++ 2008 x86 Runtime - v9.0.30729.01
    Visual C++ 8.0 Runtime Setup Package (x64)
    Visual Studio 2008 x64 Redistributables
    VoiceOver Kit
    Windows Live Communications Platform
    Windows Live Essentials
    Windows Live Installer
    Windows Live Mail
    Windows Live Mesh
    Windows Live Mesh ActiveX Control for Remote Connections
    Windows Live Messenger
    Windows Live Messenger Companion Core
    Windows Live Movie Maker
    Windows Live Photo Common
    Windows Live Photo Gallery
    Windows Live PIMT Platform
    Windows Live SOXE
    Windows Live SOXE Definitions
    Windows Live Sync
    Windows Live UX Platform
    Windows Live UX Platform Language Pack
    Windows Live Writer
    Windows Live Writer Resources
    Windows Media Center Add-in for Silverlight
    WorldWebcams
    WOT for Internet Explorer
    .
    ==== Event Viewer Messages From Past Week ========
    .
    30/06/2012 08:00:55, Error: Service Control Manager [7026] - The following boot-start or system-start driver(s) failed to load: UimBus Uim_IM
    29/06/2012 20:29:26, Error: Service Control Manager [7009] - A timeout was reached (30000 milliseconds) while waiting for the Windows Modules Installer service to connect.
    29/06/2012 20:29:26, Error: Service Control Manager [7000] - The Windows Modules Installer service failed to start due to the following error: The service did not respond to the start or control request in a timely fashion.
    29/06/2012 20:29:26, Error: Microsoft-Windows-DistributedCOM [10005] - DCOM got error "1053" attempting to start the service TrustedInstaller with arguments "" in order to run the server: {752073A1-23F2-4396-85F0-8FDB879ED0ED}
    28/06/2012 22:58:19, Error: Service Control Manager [7000] - The RkPavproc1 service failed to start due to the following error: This driver has been blocked from loading
    28/06/2012 22:58:19, Error: Application Popup [1060] - \??\C:\Windows\SysWow64\drivers\RkPavproc1.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.
    27/06/2012 09:04:27, Error: Schannel [36888] - The following fatal alert was generated: 10. The internal error state is 10.
    25/06/2012 22:16:31, Error: Service Control Manager [7031] - The Apple Mobile Device service terminated unexpectedly. It has done this 1 time(s). The following corrective action will be taken in 60000 milliseconds: Restart the service.
    .
    ==== End Of File ===========================
  • Dunwunderin
    Dunwunderin Posts: 163 Forumite
    There are three ways to do this once you've got the Control Panel open:
    • Click Programs, then Java (32-bit)
    • Type 'java' into the search box in the upper right-hand corner
    • Select something other than 'Category' from the View by menu.
    Windows has been hiding third-party applets from people since Windows XP. ;)
    Found Java 32 bit heading but it has no program associated with it.
    I am running latest and only Java update (64 bit?)
  • -TangleFoot-
    -TangleFoot- Posts: 4,673 Forumite
    I am running latest and only Java update (64 bit?)
    The one you removed was definitely 32-bit:
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
    FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
    And if you installed the latest version using the same browser that'll be 32-bit too.
    Mozilla Firefox 13.0.1 (x86 en-US)
    Don't worry about it too much - it's probably been dealt with already.
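
The reasoning in the post above (a plugin under "Program Files (x86)" is 32-bit, and a jre6 path is left over once only Java 7 is installed) can be checked mechanically over a DDS log. This is an added example, not part of the thread or of DDS; the sample log is constructed, and the function names and the jre7 entry are assumptions for illustration.

```python
import re
from typing import NamedTuple

# Constructed sample in the style of the DDS lines quoted in this thread;
# the jre7 entry and its file name are made up for illustration.
SAMPLE_DDS = r"""
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: C:\Program Files (x86)\Java\jre6\bin\plugin2\npdeployJava1.dll
FF - plugin: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll
Java(TM) 7 Update 5
Mozilla Firefox 13.0.1 (x86 en-US)
"""

class JavaPlugin(NamedTuple):
    path: str
    bitness: int  # 32 or 64, inferred from the install directory
    major: int    # Java generation taken from the jreN folder name

PLUGIN_RE = re.compile(r"^FF - plugin:\s*(.+\\Java\\jre(\d+)\\.+)$", re.IGNORECASE)
INSTALLED_RE = re.compile(r"^Java\(TM\)\s+(\d+)\b", re.IGNORECASE)

def parse_plugins(log_text):
    """Return every Firefox plugin entry that lives under a Java jreN folder."""
    found = []
    for line in log_text.splitlines():
        m = PLUGIN_RE.match(line.strip())
        if not m:
            continue
        path = m.group(1).strip()
        # On 64-bit Windows, 32-bit programs install under "Program Files (x86)".
        bitness = 32 if "\\program files (x86)\\" in path.lower() else 64
        found.append(JavaPlugin(path, bitness, int(m.group(2))))
    return found

def installed_majors(log_text):
    """Java generations named in the installed-programs list, e.g. {7}."""
    majors = set()
    for line in log_text.splitlines():
        m = INSTALLED_RE.match(line.strip())
        if m:
            majors.add(int(m.group(1)))
    return majors

def stale_plugins(log_text):
    """Plugin entries pointing at a Java generation that is no longer installed."""
    current = installed_majors(log_text)
    return [p for p in parse_plugins(log_text) if p.major not in current]

if __name__ == "__main__":
    for p in stale_plugins(SAMPLE_DDS):
        print(f"leftover Java {p.major} plugin ({p.bitness}-bit): {p.path}")
```
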
  • Dunwunderin
    Dunwunderin Posts: 163 Forumite
    The one you removed was definitely 32-bit:

    And if you installed the latest version using the same browser that'll be 32-bit too.

    Don't worry about it too much - it's probably been dealt with already.
    Many thanks! It looks like I am clean again after many weeks of worry.
    Again many thanks, keep up the good work on this forum!
This discussion has been closed.