Great news, your logs are CLEAN! We still have a few things we need to address namely:
- I need to remove the tools we installed on your machine.
- We also have some programs on your machine that need updating to help protect you in the future.
Step 1: Program Updates and Java Warning
Updating Adobe Reader
- Malware will exploit any vulnerabilities it can find in outdated software. If you are using Adobe Reader for reading pdf files, try using FoxIt Reader. It is a very capable alternative to Adobe.
- Please click here to download FoxIt Reader.
- If you wish to continue to use Adobe Reader, then please update it by clicking here.
- Please remember to uncheck the option to install McAfee's Security Suite.
Updating Mozilla Thunderbird
You version of Mozilla Thunderbird is out of date, please click here to update it.
Keeping your software updated
Another weapon against malicious programs and viruses is to keeping other programs updated. There are several programs out there that can check for out of date programs on your computer. One is Filehippo. You can run this on a weekly or monthly basis to check your programs for updates and then it will provide a link for you to download them.
Download Filehippo Updatechecker
A word about Java
Java has become the #1 program exploited by thieves and hackers as of today. It's gotten so bad, the Department of Homeland Security recently recommended that users disable Java on their machines.
For more information regarding this, see the two articles below:
Forbes: US Department of Homeland Security Calls on user do disable Java
US warns on Java software
Unless you have software on your machine that absolutely requires Java, I highly recommend you completely remove it from your system.
If you do have software that requires it, then disable it until such time as it's needed by those programs.
Please click the link below for instructions to disable Java.
How to Disable Java in your Web Browser
If you wish to continue to use Java on your machine, please be sure to keep it updated by following the instructions below.
- Click on this link Java Website and click Do I Have Java?
- Then click the Verify Java Version button. It will scan your current version and show you if you have the most current version.
You can also download a tool called JavaRa that will automatically search for new updates and remove older versions of Java.
Click the link below to go to the download page to get the tool.
JavaRa
Once you have downloaded JavaRa
- Unzip the files to the directory of your choice.
- Double click the JavaRa icon in the directory and choose your language preference.
- Click Remove Older Versions from the menu.
- Click Yes.
- If you get a warning that Internet Explorer needs to be closed, close it, then click ok.
- JavaRa will then search for and remove old versions of Java from your machine.
You can find instructions for manually removing older versions for Windows XP, Vista, and 7 by clicking the link below:
Instructions for manually removing old versions of Java
Step 2: Deleting Old Restore Points and Creating a New Clean One.
We're going to delete your old restore points and create a new one. We do this in case you need to do a system restore, you will have a clean restore point.
Please follow the instructions below:
- Start OTL and copy the text in the quote box below.
- Paste the contents into the Custom Scans/Fixes box and click the Run Fix button.
- OTL will delete the old restore points and create a new one.
:Files
%systemroot%\sysnative\vssadmin delete shadows /for=c: /all /quiet /c
:Commands
[CreateRestorePoint]
Step 3: Tool Removal
You delete Junkware Removal Tool, SystemLookup, SystemCheck and FRST from your desktop.
Start AdwCleaner and click the Uninstall button. AdwCleaner will clean out it's quarantined files and uninstall itself.
Start OTL and click the Cleanup button. OTL will clean out it's quarantined files and then delete itself.
You can uninstall ESET Online Scanner at this time.
Step 4: Tips and Information
A warning about CryptoLocker
CryptoLocker is a ransomware program that was released around the beginning of September 2013 that targets all versions of Windows including Windows XP, Windows Vista, Windows 7, and Windows 8. This ransomware will encrypt certain files using a mixture of RSA & AES encryption. When it has finished encrypting your files, it will display a CryptoLocker payment program that prompts you to send a ransom of either $100 or $300 in order to decrypt the files. This screen will also display a timer stating that you have 72 hours, or 4 days, to pay the ransom or it will delete your encryption key and you will not have any way to decrypt your files. This ransom must be paid using MoneyPak vouchers or Bitcoins. Once you send the payment and it is verified, the program will decrypt the files that it encrypted.
Please download and install CryptoPrevent to lock your machine down from this infection.
- Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
- Be careful of the websites you visit.
- When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take you time and read each screen as you go.
- To help protect yourself while on the web, I recommend you read How did I get infected in the first place?
Are there any further issues I can assist you with?