OK. I think we're done.
Time to clean up:
To delete the Quarantine Folder used by FRST create a fixlist.txt file with just the following line:
Save the fixlist.txt to the same folder as FRST then run FRST and hit Fix. You can easily delete any other folders and logs.
If we installed Speccy it needs to be uninstalled. Process Explorer, VEW, AdwCleaner, JRT and their logs and Speccy's log can just be deleted.
Also make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat. Flash is now the most malware targeted program so it must be kept up to date. Be careful with Adobe. They are fond of offering optional downloads like yahoo or Ask toolbars or that worthless McAfee Security Scan. Go slow and uncheck the optional stuff.
If you use Chrome/Firefox/IE then get the AdBlock Plus Add-on. Go to adblockplus.org with each browser and get the add-on. (It's actually a program for IE)
If Chrome/Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
To prevent a relatively new phishing attack: In Firefox, type:
in the URL box and hit Enter. You should get a new page of options (if you get a notice about voiding the warranty just cancel the warning). In the Search box put in
You should only get one option:
We want it to say True but by default it is False so double click on it to toggle from False to True.
Close and restart firefox.
To test it you can go to:
If you are a Facebook user get the FB Purity extension for your browser:
This will stop all of the suggested pages and ads so that Facebook loads much quicker.
Be warned: If you use Limewire, utorrent or any of the other P2P programs you will probably be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.combefore
you open them.
Due to a recent rise in the number of Crytolocker infections I am now recommending you install:
The free version does not update on its own so you should check for updated versions once in a while. When you install it the default is NONE which is kind of worthless so change it to Standard or default. If you have problems after installing CryptoPrevent you can just uninstall it.
If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...0637284.htmlandhttp://www.seattlepi...ted-1344185.php
for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.
Special note on Java. Old Java versions should be removed after first clearing the Java Cache by following the instructions in:
Then remove the old versions by going to Control Panel, Programs and Features and Uninstall all Java programs which are not Java Version 7 update 25 or better. These may call themselves: Java Runtime, Runtime Environment, Runtime, JRE, Java Virtual Machine, Virtual Machine, Java VM, JVM, VM, J2RE, J2SE. Get the latest version from Java.com. They will usually attempt to foist some garbage like the Ask toolbar, Yahoo toolbar or McAfee Security Scan on you as part of the download. Just uncheck the garbage before the download (or install) starts. If you use a 64-bit browser and want the 64-bit version of Java you need to use it to visit java.com.
Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it. IF that is the case then go to Control Panel, Java, Security and slide it up to the highest level. OK.