[FireFighter254]

Sleepy!! You ARE the MAN!!!  Thank you, she will be SO happy for this fix on her machine!

 

[Advertisements]

Good, you also did a good job.

 

Time to do some clean up and post my final recommendations...

 

Step 1 - Remove the Tools we use

» Remove disinfection tools
Download DelFix and save it to your Desktop, execute the tool. (If running on Windows Vista or above accept all the security prompts).

• place a checkmark next to:
  • Activate UAC
  • Remove disinfection tools
  • Create registry backup
  • Purge system restore
  • Reset System Settings
• Click the Run button

When the tool is finished, a log will open in notepad. Please copy and paste the log in your next reply.

» Others

• Delete any .exe, .log, .txt, file created on the Desktop during the cleaning process.

 

Step 2 - How to prevent new infections

To protect your computer from being infected again its very important to keep Windows Updated and all the programs related with the internet, Web Browser, Flash Player, Adobe Reader and Java only to mention the most targeted by today security exploits. Follow the instructions below to keep these critical programs updated:

• Windows and Internet Explorer
  To keep Windows and Internet Explorer updated make sure you have Windows Update enabled on the Control Panel applet, follow the instructions for Windows 7 on this MS article How to configure and use Automatic Updates in Windows or use the FixIt tool provided.
  .
• Antivirus and Antimalware programs
  Make sure you have a Antivirus program always updated and running.
  Sometimes Antivirus can miss some malware, when that happens its good to have Malwarebytes free installed, Update and run weekly to keep your system clean. Malwarebytes is also good to revert some system changes made by the malware.
  .
• Enable the Windows Firewall
  No system can be considered safe if not protected by a Firewall. If you are connected to the Internet by a Router you should check its configuration and make sure the firewall is active.
  If you connect by modem or to a open Local Network you should enable the Windows 7 built-in firewall.
  .
• Adobe Flash Player
  To update Adobe Flash Player accept any prompt to update or manually initiate the update by opening Start Menu > Settings > Control Panel open the applet called Flash Player, on the Advanced tab click the Check Now button. Accept any prompt to install an updated version.
  .
• Adobe Reader
  Adobe Reader, can be updated if you Open Adobe Reader from the Start Menu, when the program full load click on the Help menu next click the Check for updates now option. Follow the prompts to install any new update.
  .
• Java Runtime
  When java is installed its extremely important to update immediately when you get a notification pop-up from the Java Updater. Or update manually by opening the Start Menu > Settings > Control Panel, open the applet called Java on the Update tab click the Update Now button. The program will prompt you to install any new updated version available.
  Every time you update Java make sure you uncheck the box asking to Install the Ask Toolbar and make Ask my default search provider
  
  For safety you can have Java installed but disabled in your browsers and only enable it when you need it. You can Enable/Disable Java by executing the following steps:
  Click the Start button > Control Panel > Java/Java (32-bit) or Programs if in Classic View, click the Security tab and uncheck the box Enable Java content in the browser and click OK
  
  .
• Keep Installed Programs Up to Date
  It's important to keep all other programs on your computer updated because they can also have security vulnerability explored by the malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications to fix vulnerabilities, this can be done manually by using the Update feature included in most programs or you can use one of the following programs to help you with this task:
  • Secunia Personal Software Inspector (PSI)
  • FileHippo.com Update Checker

• Surf the Net with extra Security
  Every web browser is a target for malware, the bad guys are always trying to explorer security holes to infect the computers, and this is especially true for Internet Explorer because is one of the most used. Using alternatives like Mozilla Firefox or Google Chrome can help protecting your computer from infections.
  You can add a extra layer of protection to your web browser by installing two add-ons AdBlockPlus and Web Of Trust (WOT).

.
Security Alert

Eventually you may not know but there is a new threat that's currently doing the rounds called Cryptolocker. This is a particularly nasty piece of work as it scans your files for certain file types (*.doc, *.pdf, *.xls, *.jpg, *.odt, and many more) and encrypts them, rendering the files worthless unless you have a decryption key that is generated by the malware specifically for your computer and sent to the Cryptolocker creators. This kind of malware is called RansomWare because they hold the key and ask for a ransom (about $300 USD) to unlock your files, also there is no warranty that you will actually recover your files!

There is no way to guarantee that you are 100% secure against the Cryptolocker threat because the malware is constantly evolving. Presently there is a tiny utility that you can install to minimize the risk called CryptoPrevent, it will set some windows policy restrictions to block the execution of the malware.


The tool can be downloaded here. More information about Cryptolocker can be found on the following topic @bleepingcomputer.com.
.
::: Some final recommendations :::

• *Always* Keep a backup of your important files;
• When installing\updating any program, make sure you always select Custom Installation, this way you can Uncheck any possible drive-by-install (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click Next button without looking at any given page;
• Always try to download programs from the authors home pages. Today many big download sites are forcing users to install download helper tools that includes Adware, Spyware and extra crap you don't need to install. There is a new free program available called Unchecky, when installed it will try to automatically uncheck the checkboxs for you and alert when you are about to install extra crap.
• Finally, please read:
  • How did I Get Infected in the First Place?
  • Pitfalls of free downloads...
  • Simple and easy ways to keep your computer safe and secure on the Internet

Best Regards and have a Safe surfing!

[SleepyDude]

Good, you also did a good job.

 

Time to do some clean up and post my final recommendations...

 

Step 1 - Remove the Tools we use

» Remove disinfection tools
Download DelFix and save it to your Desktop, execute the tool. (If running on Windows Vista or above accept all the security prompts).

• place a checkmark next to:
  • Activate UAC
  • Remove disinfection tools
  • Create registry backup
  • Purge system restore
  • Reset System Settings
• Click the Run button

When the tool is finished, a log will open in notepad. Please copy and paste the log in your next reply.

» Others

• Delete any .exe, .log, .txt, file created on the Desktop during the cleaning process.

 

Step 2 - How to prevent new infections

To protect your computer from being infected again its very important to keep Windows Updated and all the programs related with the internet, Web Browser, Flash Player, Adobe Reader and Java only to mention the most targeted by today security exploits. Follow the instructions below to keep these critical programs updated:

• Windows and Internet Explorer
  To keep Windows and Internet Explorer updated make sure you have Windows Update enabled on the Control Panel applet, follow the instructions for Windows 7 on this MS article How to configure and use Automatic Updates in Windows or use the FixIt tool provided.
  .
• Antivirus and Antimalware programs
  Make sure you have a Antivirus program always updated and running.
  Sometimes Antivirus can miss some malware, when that happens its good to have Malwarebytes free installed, Update and run weekly to keep your system clean. Malwarebytes is also good to revert some system changes made by the malware.
  .
• Enable the Windows Firewall
  No system can be considered safe if not protected by a Firewall. If you are connected to the Internet by a Router you should check its configuration and make sure the firewall is active.
  If you connect by modem or to a open Local Network you should enable the Windows 7 built-in firewall.
  .
• Adobe Flash Player
  To update Adobe Flash Player accept any prompt to update or manually initiate the update by opening Start Menu > Settings > Control Panel open the applet called Flash Player, on the Advanced tab click the Check Now button. Accept any prompt to install an updated version.
  .
• Adobe Reader
  Adobe Reader, can be updated if you Open Adobe Reader from the Start Menu, when the program full load click on the Help menu next click the Check for updates now option. Follow the prompts to install any new update.
  .
• Java Runtime
  When java is installed its extremely important to update immediately when you get a notification pop-up from the Java Updater. Or update manually by opening the Start Menu > Settings > Control Panel, open the applet called Java on the Update tab click the Update Now button. The program will prompt you to install any new updated version available.
  Every time you update Java make sure you uncheck the box asking to Install the Ask Toolbar and make Ask my default search provider
  
  For safety you can have Java installed but disabled in your browsers and only enable it when you need it. You can Enable/Disable Java by executing the following steps:
  Click the Start button > Control Panel > Java/Java (32-bit) or Programs if in Classic View, click the Security tab and uncheck the box Enable Java content in the browser and click OK
  
  .
• Keep Installed Programs Up to Date
  It's important to keep all other programs on your computer updated because they can also have security vulnerability explored by the malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications to fix vulnerabilities, this can be done manually by using the Update feature included in most programs or you can use one of the following programs to help you with this task:
  • Secunia Personal Software Inspector (PSI)
  • FileHippo.com Update Checker

• Surf the Net with extra Security
  Every web browser is a target for malware, the bad guys are always trying to explorer security holes to infect the computers, and this is especially true for Internet Explorer because is one of the most used. Using alternatives like Mozilla Firefox or Google Chrome can help protecting your computer from infections.
  You can add a extra layer of protection to your web browser by installing two add-ons AdBlockPlus and Web Of Trust (WOT).

.
Security Alert

Eventually you may not know but there is a new threat that's currently doing the rounds called Cryptolocker. This is a particularly nasty piece of work as it scans your files for certain file types (*.doc, *.pdf, *.xls, *.jpg, *.odt, and many more) and encrypts them, rendering the files worthless unless you have a decryption key that is generated by the malware specifically for your computer and sent to the Cryptolocker creators. This kind of malware is called RansomWare because they hold the key and ask for a ransom (about $300 USD) to unlock your files, also there is no warranty that you will actually recover your files!

There is no way to guarantee that you are 100% secure against the Cryptolocker threat because the malware is constantly evolving. Presently there is a tiny utility that you can install to minimize the risk called CryptoPrevent, it will set some windows policy restrictions to block the execution of the malware.


The tool can be downloaded here. More information about Cryptolocker can be found on the following topic @bleepingcomputer.com.
.
::: Some final recommendations :::

• *Always* Keep a backup of your important files;
• When installing\updating any program, make sure you always select Custom Installation, this way you can Uncheck any possible drive-by-install (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click Next button without looking at any given page;
• Always try to download programs from the authors home pages. Today many big download sites are forcing users to install download helper tools that includes Adware, Spyware and extra crap you don't need to install. There is a new free program available called Unchecky, when installed it will try to automatically uncheck the checkboxs for you and alert when you are about to install extra crap.
• Finally, please read:
  • How did I Get Infected in the First Place?
  • Pitfalls of free downloads...
  • Simple and easy ways to keep your computer safe and secure on the Internet

Best Regards and have a Safe surfing!

[FireFighter254]

Thank YOU so much. I will surely have her read over all of this. God Bless 

 

Couldn't do the Java disable. The Security Tab only has the "Certificates" tab located in that window.

 

 

# DelFix v10.7 - Logfile created 02/05/2014 at 18:58:42

# Updated 27/04/2014 by Xplode

# Username : Administrator - LBUDJR-PC

# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)

 

~ Activating UAC ... OK

 

~ Removing disinfection tools ...

 

Deleted : C:\_OTL

Deleted : C:\AdwCleaner

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\mbar

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\AdwCleaner.exe

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\AdwCleaner[S0].txt

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\Extras.Txt

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\JRT.exe

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\JRT.txt

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\OTL.Txt

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\OTL.exe

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\rkill.exe

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\Rkill.txt

Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\SecurityCheck.exe

Deleted : HKLM\SOFTWARE\OldTimer Tools

Deleted : HKLM\SOFTWARE\AdwCleaner

 

~ Creating registry backup ... OK

 

~ Cleaning system restore ...

 

Deleted : RP #306 [Windows Update | 04/15/2014 23:44:22]

Deleted : RP #307 [Windows Update | 04/16/2014 01:07:51]

Deleted : RP #308 [Windows Update | 04/28/2014 21:24:52]

Deleted : RP #309 [Norton 360 Registry Clean | 04/29/2014 03:39:25]

Deleted : RP #310 [Windows Update | 04/29/2014 07:00:12]

Deleted : RP #311 [Removed Java™ 6 Update 17 | 04/29/2014 22:30:04]

Deleted : RP #312 [Windows Update | 04/30/2014 07:00:12]

Deleted : RP #313 [Windows Update | 05/01/2014 14:18:06]

Deleted : RP #314 [OTL Restore Point - 5/1/2014 4:08:46 PM | 05/01/2014 20:08:46]

Deleted : RP #315 [Windows Modules Installer | 05/02/2014 17:01:14]

Deleted : RP #316 [Windows Update | 05/02/2014 17:07:53]

 

New restore point created !

 

~ Resetting system settings ... OK

 

########## - EOF - ##########

Edited by FireFighter254, 02 May 2014 - 05:21 PM.

[SleepyDude]

Couldn't do the Java disable. The Security Tab only has the "Certificates" tab located in that window.

 

My mistake, sorry.

 

If there isn't a particular reason to have Java (64-bit) installed and most users don't need it, uninstall it and also ESET, I forgot to include in my other post.

 

Please uninstall the following two programs:

- Java™ 7 Update 5 (64-bit)

- ESET On-line scanner

 

If you *really* need java install Java 32-Bits by going to the Java download page and clicking on the link Windows Offline (32-bit) this file will not include any unneeded extras like the ASK Toolbar.

[FireFighter254]

Thank you, I will do that. I don't know why I/we need Java unless some websites require it.