« previous next »
Pages: [1]   Go Down

Author Topic: Bug (Java??)  (Read 2898 times)

0 Members and 1 Guest are viewing this topic.

oolongcranberry

  • Guest
Bug (Java??)
« on: April 14, 2014, 08:43:54 PM »
Long story short I wanted to watch a show, which then redirected me to a page saying I need to update my Java, so I clicked the button and installed it (twice by accident) and avast sent me several messages saying that the content was blocked. On the window on the right side (the one that pops up) the source of the bug was IN my laptop files, not a website.
Either way, now my computer works a lot slower, there are two files installed and a program with an empty folder (before I ran the scans anyway).
Also my google homepage was changed to something else
I did all the scans and I just want to know if everything is okay and if I need to do anything else now

Logs attached. The aswMBR is not compatible for Win8 but I ran the scan anyway, so that log is attached too.

Thank you!
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Bug (Java??)
« Reply #1 on: April 14, 2014, 08:52:46 PM »
Let me know how the computer is after this

Warning This fix is only relevant for this system and no other, using on another computer may cause problems

Be advised that when the fix commences it will shut down all running processes and you may lose the desktop and icons, they will return on reboot

Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following


Code: [Select]
:Commands
[CREATERESTOREPOINT]

:OTL
SRV - [2014/04/11 23:58:14 | 000,355,328 | ---- | M] () [Auto | Running] -- C:\Users\N\AppData\Roaming\VOPackage\VOsrv.exe -- (vosr)
IE - HKLM\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZOkiLMwdFQEJrUhlrDi5FtiyRw82HtY61qOfiWyBz3XhBkArnEGXgG8kM7Pwo_JdSYgItjNtl2MJeyEnKfetZfBqyHvo2l9yz6wgvPKZH9lj-1l7DWRa4rleN_tJRX2qQwLrQINvU49nw,,&q={searchTerms}
IE - HKU\S-1-5-21-450977550-1106391681-905171217-1001\..\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}: "URL" = http://feed.snapdo.com/?p=mKO_AwFzXIpYRbPGr6JN_C9Okvk3V9BHMT-IkVs3eDgJlBATeRnAqXYyYJDXLfK6eZOkiLMwdFQEJrUhlrDi5FtiyRw82HtY61qOfiWyBz3XhBkArnEGXgG8kM7Pwo_JdSYgItjNtl2MJeyEnKfetZfBqyHvo2l9yz6wgvPKZH9lj-1l7DWRa4rleN_tJRX2qQwLrQINvU49nw,,&q={searchTerms}
O3:64bit: - HKLM\..\Toolbar: (Shopping Helper Smartbar) - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (Microsoft Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Shopping Helper Smartbar) - {ae07101b-46d4-4a98-af68-0333ea26e113} - mscoree.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [] File not found
[2014/04/14 17:52:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Optimizer Pro v3.2
[2014/04/14 17:52:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Optimizer Pro
[2014/04/14 17:52:52 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Local\Programs
[2014/04/14 17:52:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AnyProtectEx
[2014/04/14 17:52:20 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\VOPackage
[2014/04/14 17:52:18 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Roaming\VOPackage
[2014/04/14 17:51:46 | 000,000,000 | ---D | C] -- C:\Users\N\AppData\Local\Smartbar
[2014/04/14 17:58:10 | 000,001,048 | ---- | C] () -- C:\Users\N\Desktop\Continue VuuPC Installation.lnk
[2014/04/14 17:52:58 | 000,001,073 | ---- | C] () -- C:\Users\N\Desktop\Optimizer Pro.lnk
[2014/04/14 17:52:20 | 000,000,000 | ---D | M] -- C:\Users\N\AppData\Roaming\VOPackage
@Alternate Data Stream - 1229 bytes -> C:\ProgramData\Microsoft:kIIdxzOJ6FhdXR5kvCIwbk
@Alternate Data Stream - 1200 bytes -> C:\ProgramData\Microsoft:I3BpGZvqmzBDw3hJ7HY558FbB
@Alternate Data Stream - 1067 bytes -> C:\Program Files (x86)\Common Files\Microsoft Shared:GJG87FcgcycgqmJlny7
@Alternate Data Stream - 1034 bytes -> C:\ProgramData\Microsoft:qVSS2yxTIrSTUX3OpeOL2PUjP1JQB

:Commands
[resethosts]
[emptytemp]
[Reboot]
  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.
THEN

Please download AdwCleaner by Xplode onto your desktop.
  • Close all open programs and internet browsers.
  • Double click on AdwCleaner.exe to run the tool.
  • Click on Scan.
  • After the scan is complete click on "Clean"
  • Confirm each time with Ok.
  • Your computer will be rebooted automatically. A text file will open after the restart.
  • Please post the content of that logfile with your next answer.
  • You can find the logfile at C:\AdwCleaner[S1].txt as well.
Logged

oolongcranberry

  • Guest
Re: Bug (Java??)
« Reply #2 on: April 15, 2014, 10:53:26 AM »
I ran the scans and fixes and I'm attaching the logs :)

I also wanted to know, for future reference, if I should upgrade my version of avast for one that you have to pay for? Would it make a big difference in preventing me from getting bugs and PUPs?
Logged

SafeSurf

  • Guest
Re: Bug (Java??)
« Reply #3 on: April 15, 2014, 11:13:37 AM »
It's up to you, or you can layer your security with something like Malwarebytes (MBAM).  Are you using a 2-way firewall preferably with HIPS?
Logged

oolongcranberry

  • Guest
Re: Bug (Java??)
« Reply #4 on: April 15, 2014, 11:37:23 AM »
SafeSurf: I have no idea; this goes beyond my computer knowledge, sadly :P
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Bug (Java??)
« Reply #5 on: April 15, 2014, 03:27:43 PM »
Generally Avast free will be sufficient, unless you need safezone for online banking etc. 
Windows 8 firewall is again sufficient.

For PUP's you can set Avast to detect them and harden how Avast works, it is a tad noiser (a few alert popups) but definitely an option

How is the computer behaving now ?
Logged

oolongcranberry

  • Guest
Re: Bug (Java??)
« Reply #6 on: April 15, 2014, 05:47:21 PM »
It seems to be back to normal :)

Thank you so much for all the help uvu
Logged

Offline essexboy

  • Malware removal instructor
  • Avast Überevangelist
  • Probably Bot
  • *****
  • Posts: 40589
  • Dragons by Sasha
    • Malware fixes
Re: Bug (Java??)
« Reply #7 on: April 15, 2014, 07:03:41 PM »
In that case methinks I will send you on your merry way :)

Subject to no further problems   :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems 

Now the best part of the day ----- Your log now appears clean  :thumbsup:

A good workman always cleans up after himself so..The following will implement some cleanup procedures as well as reset  System Restore points:

Download and run Delfix



Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware



Malwarebytes.

Update and run weekly to keep your system clean


It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide  Best security practices Keep safe  :wave:
Logged
Pages: [1]   Go Up
« previous next »