OK. Problem solved. Do we need to fix anything else? If not it's time to cleanup:
We usually clean up with Delfix. This removes our tools and their logs and quarantines and also removes all but the latest System Restore point so there is no chance of the malware coming back with a system restore. Delfix has been a tad too aggressive recently and seems to dislike pdf files in the Downloads folder so if you have any you should move them to a different folder before running Delfix.
Ensure Remove disinfection tools is ticked
Also tick:
Create registry backup
Purge system restore
Click Run
The program will run for a few moments and then notepad will open with a log. Please paste the log in your next reply
If we installed Speccy it needs to be uninstalled. Process Explorer, VEW and their logs and Speccy's log can just be deleted.
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. Flash is now the most malware targeted program so it must be kept up to date. Be careful with Adobe. They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan. Go slow and uncheck the optional stuff.
Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.
If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on. Go to adblockplus.org with each browser and get the add-on. (It's actually a program for IE)
If Chrome/Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
Be warned: If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to
http://virustotal.combeforeyou open them.
Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
CryptoPrevent
Last time I downloaded it you had to give them your IP address and they would send you the link to download it. When it ran it asked if you were sure your PC was clean then it would try to allow everything on your PC to continue running. The free version does not update on its own so you should check for updated versions once in a while. If you have problems after installing CryptoPrevent you can just uninstall it.
If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See
http://www.king5.com...0637284.htmlandhttp://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.
Special note on Java. Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE. Get the latest version from Java.com. They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download. Just uncheck the garbage before the download (or install) starts. If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it. IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level. OK.
My help is free but if you wish to show your appreciation, please donate to Kwiaht instead of me. It's an Orcas Island environmental organization that I volunteered with:
http://www.kwiaht.org/donate.htm(The name means something like "clean place" in one of the local native-American dialects)
Addition.txt 156.66KB
7469 downloads
Sign In
Create Account
