Hi choirgirl1,
How you making out? We have a wee bit more to do but I was waiting for you.
Hi Oldman!
Finally had time to do something. I’ve downloaded and installed the updated version of MBAM. I ran a scan and it crashed, restarting my computer, so I ran it again. This time it actually found a Fake Trojan, which is certainly what that malicious program was. I’ve attached the resulting log. I will also look into the other link you sent, though I’ve played with the settings for IE and things seem to be working, but I’m not sure it’s set securely enough. I probably need to update IE too, so will be looking at that too. You mentioned something else we should do, so I’ll be back!
Hi choirgirl1,
Don’t worry about the MBAM detection; it was a file we had quarantined with OTL. The rest will be removed when we remove OTL. I think we have this cleaned up as best we can except for the old and most likely infected System Restore points. We’ll clean those up.
Create a new restore point
You must be logged on to an administrator account
[*]Go to Start - All Programs - Accessories - System Tools - System Restore.
[*]Click Create a restore point, and then click Next.
[*]In the text box labeled Restore Point Description, type a name for this restore point.
[*]Click Create.
[*]Go to Start - All Programs - Accessories - System Tools.
[*]Launch the Disk Cleanup tool and let it run.
[*]When it finishes a box with tabs will appear, select the More Options tab.
[*]On this tab you will find a section for System Restore.
[*]If you press the Clean Up button for that section, Windows will delete all restore points except for the most recent one.
From your desktop, please delete, if present
[*]any notepads/logs that we created
Next
Open OTL then click the Clean Up button. You may get prompted by your firewall that OTL wants to contact the internet - allow this. A cleanup.txt will be downloaded, a message dialog will ask you if you want to proceed with the cleanup process, click Yes. This will do some clean up tasks and delete some of the tools you have downloaded plus itself.
I suggest you keep MBAM. Keep it updated and use it regularly.
Updates and Upgrades
Looks like you have removed the Extra.txt from this thread so I’ll have to go by memory. I seem to recall seeing some old java installed on the computer, possibly even version 4. The current version is Java SE 7u1.
[*]Go to Java
[*]Scroll down to Java Platform, Standard Edition section. The subheading is Java SE 7 U1,
[*]Click the Download JRE button on the right.
If the Information Bar pops up, right-click on it and say it’s OK to display the blocked content.
[*]Accept the license agreement,
[*]Scroll down and click on jre-7u1-windows-x64.exe
[*]Save the file jre-7u1-windows-x64.exe to your desktop;
Do not select Run. Do not install it yet.
When the download is complete, close your browser.
Open Control Panel > Add/Remove Programs and uninstall
All older versions of java
Do not uninstall Java TM 7 Update 1 if found!
Reboot your computer.
Double-click on the saved file to install the update.
[*]Decline the offer to install Ask ToolBar
[*]Delete the downloaded installation file after completing the above procedure and reboot if not prompted to do so.
Next, clear the java cache
To clear the Java Plug-in cache:
[*]Click Start > Control Panel.
[*]Double-click the Java icon in the control panel.
[*]On the General tab, Click Settings under Temporary Internet Files.
[*]On the Temporary Files Settings screen, Click Delete Files.
[*]check all boxes
[*]Click OK
Some Recommendations and prevention tips
Basic security consists of 1 antivirus program, 1 resident antispyware program, 1 on demand antispyware program and a firewall. Just add a firewall to what you have.
Click FIREWALL for links and tutorials to good, free and paid for firewalls. (Note: Zone Alarm is becoming bloatware)
You should also use Spyware Blaster to help immunize your computer.
OR
A guide to understanding and using the hosts file.
Learn how your Hosts file can protect you and how you can protect it.
Besides the Hosts file information, there are links to a very good updated hosts file, a host file manager, and some programs that can protect your hosts file.
HOSTS
Please read the info on disabling the DNS Client before installing a custom hosts file.
-Secure your Internet Explorer
From within Internet Explorer click on the Tools menu and then click on Options.
[*]Click once on the Security tab
[*]Click once on the Internet icon so it becomes highlighted.
[*]Click once on the Custom Level button.
[*]Change the Download signed ActiveX controls to Prompt
[*]Change the Download unsigned ActiveX controls to Disable
[*]Change the Initialize and script ActiveX controls not marked as safe to Disable
[*]Change the Installation of desktop items to Prompt
[*]Change the Launching programs and files in an IFRAME to Prompt
[*]Change the Navigate sub-frames across different domains to Prompt
[*]When all these settings have been made, click on the OK button.
[*]If it prompts you as to whether or not you want to save the settings, press the Yes button.
Next press the Apply button and then the OK to exit the Internet Properties page.
Keeping your Windows up-to-date is crucial to your computer’s security. Please go to the Windows Update Site (using Internet Explorer) and download and install all critical updates on a regular basis.
Make sure you have reset Automatic Updates to your chosen option. Click your Start button > Control Panel > System > Automatic Updates tab.
Keep your antivirus program updated, as well as any other security programs you have.
Please post back if you have any problems.
Take care
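
The Internet zone settings listed in the post above can be checked without clicking through the dialog. This is an added example, not part of the original post: a read-only PowerShell audit of the current user's Internet zone. The registry path, the numeric action IDs and the value meanings are not from the post; they are Microsoft's documented mapping for security zone settings, and the function name `Get-InternetZoneAudit` is hypothetical.

```powershell
# Added example: read-only audit of the IE Internet zone (zone 3) for the
# current user against the six settings recommended in the post above.
# Value meanings for these actions: 0 = Enable, 1 = Prompt, 3 = Disable.
$zonePath = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Internet Settings\Zones\3'

$recommended = [ordered]@{
    '1001' = @{ Name = 'Download signed ActiveX controls';                     Want = 1 }
    '1004' = @{ Name = 'Download unsigned ActiveX controls';                   Want = 3 }
    '1201' = @{ Name = 'Initialize and script ActiveX not marked as safe';     Want = 3 }
    '1800' = @{ Name = 'Installation of desktop items';                        Want = 1 }
    '1804' = @{ Name = 'Launching programs and files in an IFRAME';            Want = 1 }
    '1607' = @{ Name = 'Navigate sub-frames across different domains';         Want = 1 }
}
$meaning = @{ 0 = 'Enable'; 1 = 'Prompt'; 3 = 'Disable' }

function Get-InternetZoneAudit {
    param([string]$Path = $zonePath)

    # A missing key or value is reported, not treated as an error.
    $props = Get-ItemProperty -Path $Path -ErrorAction SilentlyContinue

    foreach ($id in $recommended.Keys) {
        $want   = $recommended[$id].Want
        $actual = if ($props) { $props.$id } else { $null }

        if ($null -eq $actual) {
            $shown = 'not set in HKCU'
        } elseif ($meaning.ContainsKey([int]$actual)) {
            $shown = $meaning[[int]$actual]
        } else {
            $shown = "other ($actual)"
        }

        [pscustomobject]@{
            Action      = $id
            Setting     = $recommended[$id].Name
            Recommended = $meaning[$want]
            Current     = $shown
            Matches     = ($actual -eq $want)
        }
    }
}

Get-InternetZoneAudit | Format-Table -AutoSize
```

Rows where `Matches` is `False` are the ones to revisit on the Security tab's Custom Level dialog; the script changes nothing itself.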
Thank you for ALL your help Oldman. I did everything you suggested and I sincerely appreciate your patience and careful explaining to me. We’ll see how it goes, but everything seems fine right now. Have a wonderful Christmas season! Thanks again!
Hi choirgirl1,
You’re welcome.
Merry Christmas to you and yours too. If you have any problems you can always come back.
Take care, keep safe.