
Infection - Need Help Cleaning



#31
FireFighter254

  • Topic Starter
  • Member
  • 81 posts

Sleepy!! You ARE the MAN!!! Thank you, she will be SO happy for this fix on her machine!


  • 0



#32
SleepyDude


    Trusted Helper

  • Malware Removal
  • 4,412 posts

Good, you also did a good job. :thumbsup:

Time to do some clean up and post my final recommendations...

Step 1 - Remove the tools we used

» Remove disinfection tools
Download DelFix and save it to your Desktop, then execute the tool. (If running on Windows Vista or above, accept all the security prompts.)

  • Place a checkmark next to:
    • Activate UAC
    • Remove disinfection tools
    • Create registry backup
    • Purge system restore
    • Reset System Settings
  • Click the Run button

When the tool is finished, a log will open in notepad. Please copy and paste the log in your next reply.

» Others

  • Delete any .exe, .log or .txt file created on the Desktop during the cleaning process.

Step 2 - How to prevent new infections

To protect your computer from being infected again, it's very important to keep Windows updated, along with all the programs related to the internet: Web Browser, Flash Player, Adobe Reader and Java, to mention only the most targeted by today's security exploits. Follow the instructions below to keep these critical programs updated:

  • Windows and Internet Explorer
    To keep Windows and Internet Explorer updated, make sure you have Windows Update enabled in the Control Panel applet; follow the instructions for Windows 7 in the MS article How to configure and use Automatic Updates in Windows, or use the FixIt tool provided.

  • Antivirus and Antimalware programs
    Make sure you have an Antivirus program always updated and running.
    Sometimes an Antivirus can miss some malware; when that happens it's good to have Malwarebytes free installed. Update and run it weekly to keep your system clean. Malwarebytes is also good at reverting some system changes made by the malware.

  • Enable the Windows Firewall
    No system can be considered safe if not protected by a Firewall. If you are connected to the Internet by a Router, you should check its configuration and make sure the firewall is active.
    If you connect by modem or to an open Local Network, you should enable the Windows 7 built-in firewall.

  • Adobe Flash Player
    To update Adobe Flash Player, accept any prompt to update, or manually initiate the update by opening Start Menu > Settings > Control Panel and opening the applet called Flash Player; on the Advanced tab click the Check Now button. Accept any prompt to install an updated version.

  • Adobe Reader
    Adobe Reader can be updated by opening Adobe Reader from the Start Menu; when the program has fully loaded, click on the Help menu, then click the Check for updates now option. Follow the prompts to install any new update.

  • Java Runtime
    When Java is installed, it's extremely important to update immediately when you get a notification pop-up from the Java Updater. Or update manually by opening the Start Menu > Settings > Control Panel, opening the applet called Java and, on the Update tab, clicking the Update Now button. The program will prompt you to install any new updated version available.
    Every time you update Java, make sure you uncheck the box asking to Install the Ask Toolbar and make Ask my default search provider.

    For safety you can have Java installed but disabled in your browsers and only enable it when you need it. You can Enable/Disable Java by executing the following steps:
    Click the Start button > Control Panel > Java/Java (32-bit) or Programs if in Classic View, click the Security tab, uncheck the box Enable Java content in the browser and click OK.

  • Keep Installed Programs Up to Date
    It's important to keep all other programs on your computer updated because they can also have security vulnerabilities exploited by the malware to infect you. Therefore, it is also a good idea to check for the latest versions of commonly installed applications to fix vulnerabilities. This can be done manually by using the Update feature included in most programs or you can use one of the following programs to help you with this task:
  • Surf the Net with extra Security
    Every web browser is a target for malware; the bad guys are always trying to exploit security holes to infect computers, and this is especially true for Internet Explorer because it is one of the most used. Using alternatives like Mozilla Firefox or Google Chrome can help protect your computer from infections.
    You can add an extra layer of protection to your web browser by installing two add-ons, AdBlockPlus and Web Of Trust (WOT).

:alarm: Security Alert :alarm:

You may not know it, but there is a new threat currently doing the rounds called Cryptolocker. This is a particularly nasty piece of work as it scans your files for certain file types (*.doc, *.pdf, *.xls, *.jpg, *.odt, and many more) and encrypts them, rendering the files worthless unless you have a decryption key that is generated by the malware specifically for your computer and sent to the Cryptolocker creators. This kind of malware is called RansomWare because they hold the key and ask for a ransom (about $300 USD) to unlock your files; also, there is no warranty that you will actually recover your files!

There is no way to guarantee that you are 100% secure against the Cryptolocker threat because the malware is constantly evolving. Presently there is a tiny utility that you can install to minimize the risk, called CryptoPrevent; it will set some Windows policy restrictions to block the execution of the malware.

The tool can be downloaded here. More information about Cryptolocker can be found on the following topic @bleepingcomputer.com.
::: Some final recommendations :::

Best Regards and have a Safe surfing! :wave:


  • 0

#33
FireFighter254

  • Topic Starter
  • Member
  • 81 posts

Thank YOU so much. I will surely have her read over all of this. God Bless :yes:

Couldn't do the Java disable. The Security Tab only has the "Certificates" tab located in that window.

# DelFix v10.7 - Logfile created 02/05/2014 at 18:58:42
# Updated 27/04/2014 by Xplode
# Username : Administrator - LBUDJR-PC
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
 
~ Activating UAC ... OK
 
~ Removing disinfection tools ...
 
Deleted : C:\_OTL
Deleted : C:\AdwCleaner
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\mbar
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\AdwCleaner.exe
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\AdwCleaner[S0].txt
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\Extras.Txt
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\JRT.exe
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\JRT.txt
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\OTL.Txt
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\OTL.exe
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\rkill.exe
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\Rkill.txt
Deleted : C:\Users\Administrator.LBUDJR-PC\Desktop\SecurityCheck.exe
Deleted : HKLM\SOFTWARE\OldTimer Tools
Deleted : HKLM\SOFTWARE\AdwCleaner
 
~ Creating registry backup ... OK
 
~ Cleaning system restore ...
 
Deleted : RP #306 [Windows Update | 04/15/2014 23:44:22]
Deleted : RP #307 [Windows Update | 04/16/2014 01:07:51]
Deleted : RP #308 [Windows Update | 04/28/2014 21:24:52]
Deleted : RP #309 [Norton 360 Registry Clean | 04/29/2014 03:39:25]
Deleted : RP #310 [Windows Update | 04/29/2014 07:00:12]
Deleted : RP #311 [Removed Java™ 6 Update 17 | 04/29/2014 22:30:04]
Deleted : RP #312 [Windows Update | 04/30/2014 07:00:12]
Deleted : RP #313 [Windows Update | 05/01/2014 14:18:06]
Deleted : RP #314 [OTL Restore Point - 5/1/2014 4:08:46 PM | 05/01/2014 20:08:46]
Deleted : RP #315 [Windows Modules Installer | 05/02/2014 17:01:14]
Deleted : RP #316 [Windows Update | 05/02/2014 17:07:53]
 
New restore point created !
 
~ Resetting system settings ... OK
 
########## - EOF - ##########

Edited by FireFighter254, 02 May 2014 - 05:21 PM.

  • 0

#34
SleepyDude


    Trusted Helper

  • Malware Removal
  • 4,412 posts

Couldn't do the Java disable. The Security Tab only has the "Certificates" tab located in that window.

My mistake, sorry.

If there isn't a particular reason to have Java (64-bit) installed (and most users don't need it), uninstall it and also ESET, which I forgot to include in my other post.

Please uninstall the following two programs:
- Java™ 7 Update 5 (64-bit)
- ESET On-line scanner

If you *really* need Java, install Java 32-bit by going to the Java download page and clicking on the link Windows Offline (32-bit); this file will not include any unneeded extras like the ASK Toolbar.

  • 0
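
The checks from posts #32 and #34 (UAC, Automatic Updates, Windows Firewall, leftover Java installs) as a read-only PowerShell audit. This is an added example, not part of the original posts or any tool used in the thread; it assumes Windows 7 with Automatic Updates configured locally, and the helper names Get-RegValue and New-Check are made up for the example.

```powershell
# Added example: read-only audit of the settings named in the posts above.
# Targets the PowerShell 2.0 shipped with Windows 7; it changes nothing.

function Get-RegValue($Path, $Name) {
    # Return one registry value, or $null when the key or value is absent.
    $item = Get-ItemProperty -Path $Path -Name $Name -ErrorAction SilentlyContinue
    if ($item) { $item.$Name } else { $null }
}

function New-Check($Check, $Value, $Ok) {
    # One report row; Select-Object fixes the column order.
    New-Object PSObject -Property @{ Check = $Check; Value = $Value; OK = $Ok } |
        Select-Object Check, Value, OK
}

$results = @()

# UAC, which DelFix re-activates in Step 1 (1 = enabled).
$lua = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System' 'EnableLUA'
$results += New-Check 'UAC enabled' $lua ($lua -eq 1)

# Automatic Updates set locally in Control Panel (4 = install automatically).
# Assumption: not managed by Group Policy, which stores its value elsewhere.
$au = Get-RegValue 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update' 'AUOptions'
$results += New-Check 'Automatic Updates (AUOptions)' $au ($au -eq 4)

# Windows Firewall, one switch per network profile (1 = on).
$fw = 'HKLM:\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy'
foreach ($name in 'DomainProfile', 'StandardProfile', 'PublicProfile') {
    $on = Get-RegValue "$fw\$name" 'EnableFirewall'
    $results += New-Check "Firewall: $name" $on ($on -eq 1)
}

# Installed Java entries, from the 64-bit and 32-bit views of the uninstall list.
# 'Java*' also matches helper entries such as the Java updater.
$uninstall = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\*',
             'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\*'
$java = @(Get-ItemProperty -Path $uninstall -ErrorAction SilentlyContinue |
    Where-Object { $_.DisplayName -like 'Java*' })
foreach ($j in $java) {
    # Listed for review: the thread's advice is to uninstall Java unless it is needed.
    $results += New-Check 'Java installed' "$($j.DisplayName) $($j.DisplayVersion)" $false
}
if ($java.Count -eq 0) { $results += New-Check 'Java installed' 'none found' $true }

$results | Format-Table -AutoSize
```

Rows with OK = False are the ones to revisit against the steps in the posts above.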

#35
FireFighter254

  • Topic Starter
  • Member
  • 81 posts

Thank you, I will do that. I don't know why I/we need Java unless some websites require it.


  • 0





