[BrianR1976]

They are happening still but with less frequency. I am wondering if when I uninstalled Firefox if I cleared some of it up. I cannot remember if this has happened with other browsers or not. I want to say it has. Should I maybe completely remove Firefox and start over? Not just uninstall and reinstall but remove all the files (minus the bookmarks ofcourse)

[Advertisements]

They are happening still but with less frequency. I am wondering if when I uninstalled Firefox if I cleared some of it up. I cannot remember if this has happened with other browsers or not. I want to say it has. Should I maybe completely remove Firefox and start over? Not just uninstall and reinstall but remove all the files (minus the bookmarks ofcourse)

Let's run ZOEK in autoclean mode before we do a full uninstall and reinstall of Firefox.


Step 1: ZOEK

Please download zoek.exe to your Desktop:

• On Windows Vista, 7, and 8, right-click Zoek.exe and select: Run as Administrator
• Give it a few seconds to appear
• Click the Options button and place a checkmark only on the following options:
• AutoClean
• Now...
• Close any open programs.
• Click the Run script button, and wait.
• It takes a few minutes to run.
• When the tool finishes, the zoek-results.log is opened in Notepad.
• The log is also found on the systemdrive, normally C:\
• If a reboot is needed, the log is opened after the reboot.
• Please post the zoek-results.log in your reply.

Things I need to see in your next post:

Zoek-results.log

[pystryker]

They are happening still but with less frequency. I am wondering if when I uninstalled Firefox if I cleared some of it up. I cannot remember if this has happened with other browsers or not. I want to say it has. Should I maybe completely remove Firefox and start over? Not just uninstall and reinstall but remove all the files (minus the bookmarks ofcourse)

Let's run ZOEK in autoclean mode before we do a full uninstall and reinstall of Firefox.


Step 1: ZOEK

Please download zoek.exe to your Desktop:

• On Windows Vista, 7, and 8, right-click Zoek.exe and select: Run as Administrator
• Give it a few seconds to appear
• Click the Options button and place a checkmark only on the following options:
• AutoClean
• Now...
• Close any open programs.
• Click the Run script button, and wait.
• It takes a few minutes to run.
• When the tool finishes, the zoek-results.log is opened in Notepad.
• The log is also found on the systemdrive, normally C:\
• If a reboot is needed, the log is opened after the reboot.
• Please post the zoek-results.log in your reply.

Things I need to see in your next post:

Zoek-results.log

[BrianR1976]

Here are the logs.

 

How do you know what to look for?

Attached Files

•  zoek-results.log   11.98KB   253 downloads

[pystryker]

Here are the logs.
 
How do you know what to look for?

A lot of training by some of the best in the malware removal business. I had great teachers during my schooling here. How is the machine running?

[BrianR1976]

Seems to be running smoother. And the ad's went away!

[pystryker]

Seems to be running smoother. And the ad's went away!

Awesome! Let's run through some program updates and then I'll remove my tools. After that, we'll create a new, clean restore point on the machine.


Step 1: Program Updates

Update Avast Antivirus

Your current version of Avast is out of date. Please update it by right clicking on the orange orb in the TaskBar. Select Update and update both the Program and then the Engine and Virus Definitions.


Update Java

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java

Please read this article about Java.

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to disable Java in your web browser and How to unplug Java from the browser)

If you do need to keep Java then download JavaRa
Run the programme and select Remove Java Runtime. Uninstall all versions of Java present
Once done then run it again and select Update Java runtime > Download and install Latest version.





Step 2: Tool Removal and Creation of a Clean Restore Point

• Download Delfix from here
• Ensure Remove disinfection tools is ticked
  Also tick:
  • Create registry backup
  • Purge system restore
  • Reset System Settings
  
• Click Run

The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply.

• You can uninstall ESET Online Scanner at this time.
• I recommend keeping Malwarebytes Anti-Malware installed. Make sure to update it and run it at least once a week. If it finds things such as PUP's (Potentially Unwanted Programs) you can delete those with no worries. However, if it finds something like a trojan, come see us.

Step 3: Tips, Information, and Optional Installation of Unchecky

• Watch what you open in your emails. If you get an email from an unknown source with any attached files, do not open it.
• Install and keep only one anti-virus on your machine. Update it and scan your machine with it at least once a week.
• Be careful of the websites you visit.
• When installing new programs, don't be "click happy" and click through the screens. Many programs come with adware in them and are set to install them by default. Several programs require that you uncheck or select no to prevent the installation. Take your time and read each screen as you go.

To help protect yourself while on the web, I recommend you read How did I get infected in the first place?


Installation of Unchecky

This is a very good little program that will automatically uncheck any boxes during a software installation. This helps prevent the software from installing any malware that is by default checked while the program is being installed.

• Click here to be taken to Unchecky.com
• Click the very large Download button.
• Click Save
• Once downloaded, double click the program (Vista, Win 7, and 8, right click and Run as Administrator)
• Once open, click the Install button.

Then click Finish




Unchecky is now installed and will help you keep unwanted check boxes unchecked.



Things I need to see in your next post

Delfix Log

[BrianR1976]

Avast is up to date. I have a question about Java. You suggest removing it (as does the DHS). I pretty much only use the computer for internet, using MS Word, and photo processing. What are some things that may use Java that I am missing? I would hate to uninstall it then find out, oh yeah I do need it.

Also, one of the cleaners took out my copy of ATF Cleaner. I use that one often as its far quicker to use than CCleaner. Should it have removed the program? Is it safe to re-download it? Do you know of a better program that doesn't take an hour to run?

Edited by BrianR1976, 27 December 2015 - 05:03 PM.

[pystryker]

Avast is up to date. I have a question about Java. You suggest removing it (as does the DHS). I pretty much only use the computer for internet, using MS Word, and photo processing. What are some things that may use Java that I am missing? I would hate to uninstall it then find out, oh yeah I do need it.

There are a lot of websites out there that require Java for you to view the websites correctly. If that is all you're using it for, I'd suggest keeping it. Just make sure you keep it updated to the latest version.

Also, one of the cleaners took out my copy of ATF Cleaner. I use that one often as its far quicker to use than CCleaner. Should it have removed the program? Is it safe to re-download it? Do you know of a better program that doesn't take an hour to run?

I'll check with the author about that one. From my research, it shouldn't have removed it. Go ahead and re-download and reinstall it.

[BrianR1976]

I ave a question about DelFix. Do I want to get rid of all my system restore points? And what exactly does reset system settings do?

[pystryker]

I ave a question about DelFix. Do I want to get rid of all my system restore points? And what exactly does reset system settings do?

Hello

Flushing the old system restore points will help prevent a re-infection of your machine. Windows doesn't care what it backs up when it creates a restore point, it backs up malware related items just as happily as normal system files. If you were to need to do a system restore and used an infected restore point, your machine would be re-infected.

Reset system settings sets the Windows Explorer Folder Options to the default. Malware will often affect the system to show critical hidden system files and expose them to potential infection. This step returns those folders to the default which is listed below.

Hidden files and folders
Don't show hidden files, folder, or drives
Hide extensions for know file types
Hide protected operating system files

[BrianR1976]

Ok DelFix has been run and Unchecky has been installed. I did not have the redirect problem at all yesterday so I am thinking maybe it's been dealt with? I hope so. I didnt really do anything with Java other than deleting an older version of it, which I normally do though hadnt with the last update. I didnt really understand the JavaRa program so I left it alone. What exactly does it do?

Attached Files

•  DelFix.txt   2.03KB   172 downloads

[pystryker]

Ok DelFix has been run and Unchecky has been installed. I did not have the redirect problem at all yesterday so I am thinking maybe it's been dealt with? I hope so. I didnt really do anything with Java other than deleting an older version of it, which I normally do though hadnt with the last update. I didnt really understand the JavaRa program so I left it alone. What exactly does it do?

Good to hear, looks like we have it beat. JavaRa scans your system to check and make sure you have the most current version of Java installed on the machine. It will also remove any older versions on the machine. If you choose manually update Java, please remember to make sure that the version you are replacing gets uninstalled.

[BrianR1976]

I spoke too soon. Right after my last post I went and got redirected. Luckily its not redirecting me anywhere bad, just to google.uk but it sure as [bleep] is annoying.

[pystryker]

I spoke too soon. Right after my last post I went and got redirected. Luckily its not redirecting me anywhere bad, just to google.uk but it sure as [bleep] is annoying.

Hmmm...the fact it's not sending you anywhere bad is interesting. Please try resetting your router, as we may be looking at a router hijack. Once it's reset, give it a day, and let's see if that does it.

[BrianR1976]

Do you mean unplugging it and plugging it back in or giving it the factory reset?