Hi this looks good now.
The Exploit:Java/CVE-2012-0507.BB is a malicious Java applet that attempts to exploit a vulnerability in the Java Runtime Environment (JRE) in order to download and install files of an attacker's choice onto your computer.
Most likely it squeezed in before you updated Java.
Yeah that key finder is not really an issue.
Your log shows detections related to OpenCandy.
OpenCandy is an advertising application distributed by the OpenCandy Software Network which displays ads in other programs. The use of advertisement is a way to promote software packages and recover development costs. OpenCandy is not installed on a computer, does not collect personally identifiable information and in most cases allows the user to choose whether or not to install advertised software recommended by the vendor. Although no personal information is collected, the software does collect anonymous statistics about events and other data during installation. See What information does OpenCandy collect?
This is what OpenCandy has to say about their product.
What is OpenCandy?
OpenCandy provides a plug-in that developers include in their software to earn money by showing recommendations for other software in their installers. Developers use this money to keep their software free and invest in further software development. The installer uses the OpenCandy plug-in to present a software recommendation...during installation. You have complete control to accept the software recommendation by selecting either the Install or Do not install options on the software recommendation screen.
The OpenCandy network has partnered with various popular and trusted software developers who bundle their product as part of the program's software installation package. A list of such developers can be found here. Some vendors will clearly advise the use of OpenCandy before downloading their software, while others may provide confusing or no information at all. An example would be SIW (System Information for Windows) which clearly indicates on their website the use of OpenCandy.
SIW Home Edition is bundled with OpenCandy
What is OpenCandy?
OpenCandy is similar to Google AdSense, except it displays advertisements in installation programs instead of websites. These advertisements promote other software packages. The advertisements are selected by providers of the software being installed. When a user installing software (SIW) chooses to install a promoted package, revenue is generated and shared between OpenCandy and software providers (SIW developers).
OpenCandy is not a virus or malware. However, since it is responsible for displaying advertisements, it may be detected (and sometimes removed) by various anti-virus and other security scanning tools as Adware, a classification that broadly defines the term as any software package which automatically displays advertisements in any form in order to generate revenue. For example, the Microsoft Malware Protection Center (MMPC) detects the program as Adware:Win32/OpenCandy, a low level threat and so does McAfee.
In response to this detection, OpenCandy has provided the following information:
Of course OpenCandy is in business to make money so they are going to defend their product and portray it in a positive light. For another opinion, you may want to read: OpenCandy: A New Kind of Adware/Spyware
IMO, removal of OpenCandy detections is an optional choice. I have provided the information so you can make an informed decision as to whether to remove it or not.
I had the same Malware infection (Vista Security 2012)....I wasn't sure whether to start a separate thread for the same issue so apologies if that is the case.
Yes, if you have an issue or problem you would like to discuss, please start your own topic. Doing that will help to avoid the confusion that often occurs when trying to help two or more members at the same time in the same thread. Even if your problem is similar to the original poster's problem, the solution could be different based on the kind of hardware, software, system requirements, etc. you are using and the presence of other malware. Further, posting for assistance in someone else's topic is not considered proper forum etiquette.
If there are no more problems or signs of infection, you should Create a New Restore Point to prevent possible reinfection from an old one. Some of the malware you picked up could have been saved in System Restore. Since this is a protected directory your tools cannot access to delete these files, they sometimes can reinfect your system if you accidentally use an old restore point. Setting a new restore point AFTER cleaning your system will help prevent this and enable your computer to "roll-back" to a clean working state.
The easiest and safest way to do this is:
- Go to Start > Programs > Accessories > System Tools and click "System Restore".
- Choose the radio button marked "Create a Restore Point" on the first screen then click "Next". Give the R.P. a name, then click "Create". The new point will be stamped with the current date and time. Keep a log of this so you can find it easily should you need to use System Restore.
- Then use Disk Cleanup to remove all but the most recently created Restore Point.
- Go to Start > Run and type: Cleanmgr
- Click "Ok". Disk Cleanup will scan your files for several minutes, then open.
- Click the "More Options" tab, then click the "Clean up" button under System Restore.
- Click Ok. You will be prompted with "Are you sure you want to delete all but the most recent restore point?"
- Click Yes, then click Ok.
- Click Yes again when prompted with "Are you sure you want to perform these actions?"
- Disk Cleanup will remove the files and close automatically.
can refer to these links: Create a New Restore Point and Disk Cleanup.
Tips to protect yourself against malware and reduce the potential for re-infection:
Avoid gaming sites, pirated software, cracking tools, and peer-to-peer (P2P) file sharing programs. They are a security risk which can make your computer susceptible to a smörgåsbord of malware infections, remote attacks, exposure of personal information, and identity theft. Many malicious worms and Trojans spread across P2P file sharing networks, gaming and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install viruses, Trojans and spyware. Ads are a target for hackers because they offer a stealthy way to distribute malware to a wide range of Internet users. The best way to reduce the risk of infection is to avoid these types of web sites and not use any P2P applications. Read P2P Software User Advisories and Risks of File-Sharing Technology.
Keeping Autorun enabled on USB and other removable drives has become a significant security risk due to the increasing number of malware variants that can infect them and transfer the infection to your computer. To learn more about this risk, please read: