Trojan.Maljava - Keeps coming back

Hello, and as my title states I have a sticky problem. I've read up on this trojan and it seems its a keylogger(Which doesn't help my paranoia..) and with this, it keeps.. Coming back. I had a major issue with it a few weeks ago, not knowing what it was and it was crashing my computer if I ran anything LARGE(Ex, large online game). I solved that issue, and now.. I keep regetting it. Yesterday I had 55 of it. Yes, 55. I don't know how I had so many clones of it, but I thought I was good now that I had scanned and gotten rid of them all. I had a full day and night of no issues, and then shut down and slept. Today, however, I booted up my computer, ate a donut, and opened a large game, and then after a few minutes.. Loe and behold it crashes in the tale-tell way.

 

So, here I am doing a full scan, which will take some time, to remove it... AGAIN.. but now I am also here fishing for information.

 

 

How does it origionate? Is it indeed a keylogger? Why does it keep coming back?

Hi renala 

 

Am sorry that you are getting the virus again . I suggest you to try scanning your computer using 

Norton power eraser which is available at www.norton.com/npe 

 

Run a scan using norton power eraser and let us know what is happening 

 

-Venkat0052

Finished the normal full scan with.. no results.

 

Anyway, got the NPE thing, ran it, and I have 3 results.

 

inventory.exe -- shortcut type -- bad status -- action remove.

hosts -- DNS entry -- bad status -- repair action

mumble.exe -- shortcut --unknown status -- no action. (This is a voice program, by the way.)

 

Going to do the fix button to fix it, and then restart as it prompts.

Is it possible for you to attach host file 

 

to access the host file 

 

win key +R 

type drivers

open etc 

you can find the file named hosts 

 

copy the file and attach with the thread 

 

-Venkat0052

Ok, sorry for delay, but appon trying to copy/paste it to link it, I get the error on the site..

 

"The file does not have a valid extension for an attachment. txt,log,lue are the valid extensions."

COPY the file to desktop 

open it using notepad 

save it as text and attach the file :)

 

-Venkat0052

Alright. I think this is it, then!... Also, this is the host file after the program was ran and fixed.

Does Norton keep dertecting the Trojan.Maljava in a location like "C:\Users\a0187798\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\0..............................."??

 

Quads

It doesn't real-time find it, but on scans its ALWAYS in temp folder

So something keeps creating a file(s) in the TEMP folder that gets detected.

 

Please read carefully

 

1. Please download aswMBR hxxp://public.avast.com/~gmerek/aswMBR.exe to your desktop. (replace the hxxp with http)
Double click the aswMBR.exe icon to run it
it will ask to download extra definitions - ALLOW IT / Yes
Click the Scan button to start the scan
On completion of the scan, click the save log button, save it to your desktop and Please attach the log in the post back

 

2. 

  Download OTL   hxxp://oldtimer.geekstogo.com/OTL.exe   (change the hxxp to http) save it to your Desktop.

Double click on OTL.exe to run it.  Right click OTL.exe and select run as administator for Vista and Win 7.

Click the Scan All Users checkbox.

Change file age to 60 days


Press the 

 

 

 

Quads