And yet another "Java Software Critical Update" virus problem

L

Leo Niehorster

New Member
Thread author
Verified
May 9, 2014
31
Hi again,

Thanks. I have the manual. Is there anything I should know / do before I disconnect from the internet / this thread?

Leo
 
L

Leo Niehorster

New Member
Thread author
Verified
May 9, 2014
31
Good afternoon (at least here it is),

Yes. I have reset using the indicated recessed button on the bottom of the router.
The router has also been reconfigured.

Now what?

Leo
 
L

Leo Niehorster

New Member
Thread author
Verified
May 9, 2014
31
The virus appears in all four browsers I have:
SeaMonkey
Chrome
Firefox
Internet Explorer
 

Attachments

  • FRST.txt
    30.4 KB · Views: 93
  • Addition.txt
    46.1 KB · Views: 82
L

Leo Niehorster

New Member
Thread author
Verified
May 9, 2014
31
Hi,

Unfortunately, nothing has changed in Chrome. Java virus still replaces the page visited. Clicking "Back one page" brings you to the previous page, not the one where you wanted to go. I mean, I was on page A, went to page B, then the virus took me to page C. Upon clicking the "Back one page", I found myself on A again.

Leo
 
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Very stubbor virus, I don't see any sign of it in reports:

Let's try one more tool:


  • Please download RogueKiller and save to the desktop.
  • Close all windows and browsers
  • Right-click the program and select 'Run as Administrator'
  • Press the Scan button.
  • A report opens on the desktop named - RKreport.txt
  • Please post it in your next reply.
 
L

Leo Niehorster

New Member
Thread author
Verified
May 9, 2014
31
Hi,
Indeed, it seems to be very hidden.

See RogueKIller log attached.

Leo
 

Attachments

  • RKreport[0]_S_05112014_160318.txt
    2.4 KB · Views: 79
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Let's try this:

Open CommandPrompt and type following commands one by one:


ipconfig /flushdns

ipconfig /renew

Let me know how is computer after this.
 
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Let's try this:


Please download AdwCleaner by Xplode and save to your Desktop.

Double click on AdwCleaner.exe to run the tool.
  • Click on the Scan button.
  • After the scan has finished click on the Clean button.

Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
  • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
  • Post logfile will also be saved in the C:\AdwCleaner folder.


thisisujrt.gif
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.
 
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
Please try to uninstall Java from Control Panel and see if this helped. Can you also tell me when this started to happen, what did you do?
 
TwinHeadedEagle

TwinHeadedEagle

Level 41
Verified
Mar 8, 2013
22,627
> Re-run zoek with the script below and attach here fresh zoek log results.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

Code: 
Domaiq;a
Domaiq;z
 
L

Leo Niehorster

New Member
Thread author
Verified
May 9, 2014
31
Hello,
Sorry for the delay.

The uninstalling and reinstalling of Java did not work. Note that the virus has appeared intermittantly before, and only on some sites.

I have run Zoek with your latest script. See attached log.
(Still getting the Java virus.)
(Your thread message of 11:00 PM was not advised per email)

I have reinstalled Avira, which had for many years not allowed anything to slip through.
Will see if this was a mishap, or if its protection is no longer effective.

I still have the icons of ComboFix visible in Explorer, with its endless copies. Any idea of how to eliminate this strange item? (See attached image of Windows Exporer tree).

Cheers
Leo
 

Attachments

  • ComboFix mess.jpg
    ComboFix mess.jpg
    49.2 KB · Views: 90
  • zoek-results.txt
    887 bytes · Views: 112

Similar threads

B
  • Locked
Solved Win 10 PC - Trojan, Win32/Orsam!rts virus, Win32Keygen and email threats
Replies
11
Views
5,034
Windows Malware Removal Help & Support
mellowtones242
mellowtones242
K
Solved virus seems to reinstall itself during boot into shell
Replies
63
Views
15,245
Windows Malware Removal Help & Support
TwinHeadedEagle
TwinHeadedEagle
P
  • Locked
Cannot remove MUVIC SMART BAR software
Replies
4
Views
3,852
Windows Malware Removal Help & Support
TwinHeadedEagle
TwinHeadedEagle

About us

  • MalwareTips is a community-driven platform providing the latest information and resources on malware and cyber threats. Our team of experienced professionals and passionate volunteers work to keep the internet safe and secure. We provide accurate, up-to-date information and strive to build a strong and supportive community dedicated to cybersecurity.

Quick Navigation

Forum Rules Warning System Welcome Guide Two-factor Authentication

User Menu

Login

Follow us

Follow us on Facebook or Twitter to know first about the latest cybersecurity incidents and malware threats.

Top