Unable to Access the Internet

Greetings,

I am using Windows 7 Home Premium and when I turned on my computer today, I was receiving malware error messages whenever I opened an email message (in Outlook) or attempted to access the Internet using Internet Explorer (version 11.0.9600.17239) or using Firefox. I disabled the Web shield in Avast! and am now able to access the Internet.

However, I’m not sure why I can’t use the Web shield and still access the Internet. [Note: I have removed Spybot S&D and Spyware Terminator, but the problem persists].

Any ideas? This has never happened before.

Thanks in advance!

follow instructions https://forum.avast.com/index.php?topic=53253.0
attach Malwarebytes and Farbar Recovery Scan Logs

when done, experts will be notified and take a look at the logs

Here is the MBAM log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/16/2014
Scan Time: 6:17:34 AM
Logfile: MBAM Scanning History Log (8-16-14).txt
Administrator: Yes

Version: 2.00.2.1012
Malware Database: v2014.08.16.02
Rootkit Database: v2014.08.15.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Sherwood

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 414264
Time Elapsed: 16 min, 18 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

Attached is the FRST.txt log …

Here is the “Addition.txt” file …

Essexboy is notified, it may take some hours before he is online

You have a proxy set to go to a blacklisted site, hence webshield will block the connection
After this run try the net again with webshield enabled

CAUTION : This fix is only valid for this specific machine, using it on another may break your computer

Open notepad and copy/paste the text in the quotebox below into it:

ProxyServer: http=xenon.afo.net:8080 SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_11_ie&cd=2XzuyEtN2Y1L1QzutDtDtBtCyBtDyD0FyEyB0FtDyCyByCyDtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtA0E0D0EyE0F0CtGtBtAyEzztGtAtDtCyDtG0FyDyE0CtGyBtA0CyD0BtAtAtB0DtC0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0AyEyE0EtD0AtGzyyDzz0DtGyCyC0C0BtGtC0F0CyDtGyDyEzztA0B0B0E0F0E0D0F0C2Q&cr=1895947718&ir= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_11_ie&cd=2XzuyEtN2Y1L1QzutDtDtBtCyBtDyD0FyEyB0FtDyCyByCyDtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtA0E0D0EyE0F0CtGtBtAyEzztGtAtDtCyDtG0FyDyE0CtGyBtA0CyD0BtAtAtB0DtC0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0AyEyE0EtD0AtGzyyDzz0DtGyCyC0C0BtGtC0F0CyDtGyDyEzztA0B0B0E0F0E0D0F0C2Q&cr=1895947718&ir= SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_11_ie&cd=2XzuyEtN2Y1L1QzutDtDtBtCyBtDyD0FyEyB0FtDyCyByCyDtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtA0E0D0EyE0F0CtGtBtAyEzztGtAtDtCyDtG0FyDyE0CtGyBtA0CyD0BtAtAtB0DtC0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0AyEyE0EtD0AtGzyyDzz0DtGyCyC0C0BtGtC0F0CyDtGyDyEzztA0B0B0E0F0E0D0F0C2Q&cr=1895947718&ir= SearchScopes: HKCU - {39859210-EEBD-4DB6-9B2D-64B1D1ABFDB0} URL = SearchScopes: HKCU - {3DCD0FFD-B715-4C3A-8054-4FB480008D73} URL = SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_11_ie&cd=2XzuyEtN2Y1L1QzutDtDtBtCyBtDyD0FyEyB0FtDyCyByCyDtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtA0E0D0EyE0F0CtGtBtAyEzztGtAtDtCyDtG0FyDyE0CtGyBtA0CyD0BtAtAtB0DtC0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0AyEyE0EtD0AtGzyyDzz0DtGyCyC0C0BtGtC0F0CyDtGyDyEzztA0B0B0E0F0E0D0F0C2Q&cr=1895947718&ir= BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO-x32: No Name -> {0b4d6b1c-d1a6-4b21-9412-cc846ebfa818} -> No File Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File Toolbar: HKLM-x32 - No Name - {10834e9a-d475-4a24-ad01-f3f24f71b28e} - No File Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File Toolbar: HKCU - No Name - {7DCA8C02-B6EF-40D9-B9A4-7D92930B7F49} - No File CHR DefaultSearchKeyword: mysearchdial.com Task: {465E99A2-4E62-4E2C-A905-D041F476A1F9} - System32\Tasks\APSnotifierCA => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-03-12] (AnyProtect by CMI) <==== ATTENTION C:\Program Files (x86)\AnyProtectEx Task: C:\Windows\Tasks\APSnotifierCA.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION EmptyTemp: CMD: bitsadmin /reset /allusers

Save this as fixlist.txt, in the same location as FRST.exe
Run FRST and press Fix
On completion a log will be generated please post that

THEN

Please download AdwCleaner by Xplode onto your desktop.

[*]Close all open programs and internet browsers.
[*]Double click on AdwCleaner.exe to run the tool.
[*]Click on Scan.
[*]After the scan is complete click on “Clean”
[*]Confirm each time with Ok.
[*]Your computer will be rebooted automatically. A text file will open after the restart.
[*]Please post the content of that logfile with your next answer.
[*]You can find the logfile at C:\AdwCleaner[S1].txt as well.

Here is the aswMBR.txt file:

aswMBR version 1.0.1.2041 Copyright(c) 2014 AVAST Software
Run date: 2014-08-16 06:54:35

06:54:35.131 OS Version: Windows x64 6.1.7601 Service Pack 1
06:54:35.131 Number of processors: 2 586 0x170A
06:54:35.132 ComputerName: SHERWOOD-PC UserName: Sherwood
06:54:46.798 Initialize success
06:54:46.799 VM: initialized successfully
06:54:46.829 VM: Intel CPU supported virtualized
06:54:52.015 VM: supported disk I/O ataport.SYS
06:54:56.531 AVAST engine defs: 14081600
06:54:58.150 Disk 0 (boot) \Device\Harddisk0\DR0 → \Device\Ide\IdeDeviceP0T0L0-0
06:54:58.153 Disk 0 Vendor: ST31000528AS CC45 Size: 953869MB BusType: 3
06:54:58.672 VM: Disk 0 MBR read successfully
06:54:58.675 Disk 0 MBR scan
06:54:58.680 Disk 0 Windows 7 default MBR code
06:54:58.684 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 70 MB offset 63
06:54:58.732 Disk 0 Partition 2 80 (A) 07 HPFS/NTFS NTFS 9918 MB offset 145408
06:54:58.751 Disk 0 Boot: NTFS code=1
06:54:58.767 Disk 0 Partition 3 00 07 HPFS/NTFS NTFS 943879 MB offset 20457472
06:54:58.880 Disk 0 scanning C:\Windows\system32\drivers
06:55:18.849 Service scanning
06:55:38.761 Modules scanning
06:55:38.768 Disk 0 trace - called modules:
06:55:38.789 ntoskrnl.exe CLASSPNP.SYS disk.sys ACPI.sys ataport.SYS pciide.sys
06:55:38.795 1 nt!IofCallDriver → \Device\Harddisk0\DR0[0xfffffa80078f9060]
06:55:38.801 3 CLASSPNP.SYS[fffff8800145143f] → nt!IofCallDriver → [0xfffffa80073cde40]
06:55:38.807 5 ACPI.sys[fffff88000f4d7a1] → nt!IofCallDriver → \Device\Ide\IdeDeviceP0T0L0-0[0xfffffa80073ff060]
06:55:40.309 AVAST engine scan C:\Windows
06:55:49.557 AVAST engine scan C:\Windows\system32
06:58:48.660 AVAST engine scan C:\Windows\system32\drivers
06:59:01.913 AVAST engine scan C:\Users\Sherwood
06:59:41.610 File: C:\Users\Sherwood\AppData\Local\join.me\LMIFilteredThreadHook32.dll INFECTED Win32:Evo-gen [Susp]
07:07:49.089 AVAST engine scan C:\ProgramData
07:10:12.695 Scan finished successfully
13:44:57.272 Disk 0 MBR has been saved successfully to “C:\Users\Sherwood\Desktop\MBR.dat”
13:44:57.277 The log file has been saved successfully to “C:\Users\Sherwood\Desktop\aswMBR.txt”

Here is Fixlog.txt:

ix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 16-08-2014 04
Ran by Sherwood at 2014-08-16 13:51:19 Run:1
Running from C:\Users\Sherwood\Desktop
Boot Mode: Normal

Content of fixlist:


ProxyServer: http:8080=xenon.afo.net
SearchScopes: HKLM - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_11_ie&cd=2XzuyEtN2Y1L1QzutDtDtBtCyBtDyD0FyEyB0FtDyCyByCyDtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtA0E0D0EyE0F0CtGtBtAyEzztGtAtDtCyDtG0FyDyE0CtGyBtA0CyD0BtAtAtB0DtC0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0AyEyE0EtD0AtGzyyDzz0DtGyCyC0C0BtGtC0F0CyDtGyDyEzztA0B0B0E0F0E0D0F0C2Q&cr=1895947718&ir=
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_11_ie&cd=2XzuyEtN2Y1L1QzutDtDtBtCyBtDyD0FyEyB0FtDyCyByCyDtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtA0E0D0EyE0F0CtGtBtAyEzztGtAtDtCyDtG0FyDyE0CtGyBtA0CyD0BtAtAtB0DtC0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0AyEyE0EtD0AtGzyyDzz0DtGyCyC0C0BtGtC0F0CyDtGyDyEzztA0B0B0E0F0E0D0F0C2Q&cr=1895947718&ir=
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKCU - DefaultScope {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_11_ie&cd=2XzuyEtN2Y1L1QzutDtDtBtCyBtDyD0FyEyB0FtDyCyByCyDtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtA0E0D0EyE0F0CtGtBtAyEzztGtAtDtCyDtG0FyDyE0CtGyBtA0CyD0BtAtAtB0DtC0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0AyEyE0EtD0AtGzyyDzz0DtGyCyC0C0BtGtC0F0CyDtGyDyEzztA0B0B0E0F0E0D0F0C2Q&cr=1895947718&ir=
SearchScopes: HKCU - {39859210-EEBD-4DB6-9B2D-64B1D1ABFDB0} URL =
SearchScopes: HKCU - {3DCD0FFD-B715-4C3A-8054-4FB480008D73} URL =
SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = http://start.mysearchdial.com/results.php?f=4&q={searchTerms}&a=cmi_14_11_ie&cd=2XzuyEtN2Y1L1QzutDtDtBtCyBtDyD0FyEyB0FtDyCyByCyDtN0D0Tzu0SzztDtCtN1L2XzutBtFtCzztFtBtFtDtN1L1CzutCyEtDtAtDyD1V1StN1L1G1B1V1N2Y1L1Qzu2SyEtA0E0D0EyE0F0CtGtBtAyEzztGtAtDtCyDtG0FyDyE0CtGyBtA0CyD0BtAtAtB0DtC0B0D2QtN1M1F1B2Z1V1N2Y1L1Qzu2StD0F0AyEyE0EtD0AtGzyyDzz0DtGyCyC0C0BtGtC0F0CyDtGyDyEzztA0B0B0E0F0E0D0F0C2Q&cr=1895947718&ir=
BHO-x32: No Name → {02478D38-C3F9-4efb-9B51-7695ECA05670} → No File
BHO-x32: No Name → {0b4d6b1c-d1a6-4b21-9412-cc846ebfa818} → No File
Toolbar: HKLM - No Name - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - No File
Toolbar: HKLM-x32 - No Name - {10834e9a-d475-4a24-ad01-f3f24f71b28e} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Toolbar: HKCU - No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKCU - No Name - {7DCA8C02-B6EF-40D9-B9A4-7D92930B7F49} - No File
CHR DefaultSearchKeyword: mysearchdial.com
Task: {465E99A2-4E62-4E2C-A905-D041F476A1F9} - System32\Tasks\APSnotifierCA => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe [2014-03-12] (AnyProtect by CMI) <==== ATTENTION
C:\Program Files (x86)\AnyProtectEx
Task: C:\Windows\Tasks\APSnotifierCA.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
EmptyTemp:
CMD: bitsadmin /reset /allusers


HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ProxyServer => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\DefaultScope => Value was restored successfully.
“HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}” => Key deleted successfully.
“HKCR\CLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A}” => Key not found.
“HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}” => Key deleted successfully.
“HKCR\CLSID{6A1806CD-94D4-4689-BA73-E35EA1EA9990}” => Key not found.
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}” => Key deleted successfully.
“HKCR\Wow6432Node\CLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A}” => Key not found.
HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\DefaultScope => value deleted successfully.
“HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{39859210-EEBD-4DB6-9B2D-64B1D1ABFDB0}” => Key deleted successfully.
“HKCR\CLSID{39859210-EEBD-4DB6-9B2D-64B1D1ABFDB0}” => Key not found.
“HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{3DCD0FFD-B715-4C3A-8054-4FB480008D73}” => Key deleted successfully.
“HKCR\CLSID{3DCD0FFD-B715-4C3A-8054-4FB480008D73}” => Key not found.
“HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{6A1806CD-94D4-4689-BA73-E35EA1EA9990}” => Key deleted successfully.
“HKCR\CLSID{6A1806CD-94D4-4689-BA73-E35EA1EA9990}” => Key not found.
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{02478D38-C3F9-4efb-9B51-7695ECA05670}” => Key deleted successfully.
“HKCR\Wow6432Node\CLSID{02478D38-C3F9-4efb-9B51-7695ECA05670}” => Key not found.
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects{0b4d6b1c-d1a6-4b21-9412-cc846ebfa818}” => Key deleted successfully.
“HKCR\Wow6432Node\CLSID{0b4d6b1c-d1a6-4b21-9412-cc846ebfa818}” => Key deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} => value deleted successfully.
“HKCR\CLSID{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F}” => Key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\{10834e9a-d475-4a24-ad01-f3f24f71b28e} => value deleted successfully.
“HKCR\Wow6432Node\CLSID{10834e9a-d475-4a24-ad01-f3f24f71b28e}” => Key deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
“HKCR\CLSID{21FA44EF-376D-4D53-9B0F-8A89D3229068}” => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value deleted successfully.
“HKCR\CLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F}” => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7DCA8C02-B6EF-40D9-B9A4-7D92930B7F49} => value deleted successfully.
“HKCR\CLSID{7DCA8C02-B6EF-40D9-B9A4-7D92930B7F49}” => Key not found.
Chrome DefaultSearchKeyword deleted successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{465E99A2-4E62-4E2C-A905-D041F476A1F9}” => Key deleted successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{465E99A2-4E62-4E2C-A905-D041F476A1F9}” => Key deleted successfully.
C:\Windows\System32\Tasks\APSnotifierCA => Moved successfully.
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\APSnotifierCA” => Key deleted successfully.
C:\Program Files (x86)\AnyProtectEx => Moved successfully.
C:\Windows\Tasks\APSnotifierCA.job => Moved successfully.

========= bitsadmin /reset /allusers =========

BITSADMIN version 3.0 [ 7.5.7601 ]
BITS administration utility.
(C) Copyright 2000-2006 Microsoft Corp.

BITSAdmin is deprecated and is not guaranteed to be available in future versions of Windows.
Administrative tools for the BITS service are now provided by BITS PowerShell cmdlets.

0 out of 0 jobs canceled.

========= End of CMD: =========

EmptyTemp: => Removed 2.3 GB temporary data.

The system needed a reboot.

==== End of Fixlog ====

Have you run AdwCleaner yet ?

I’ve tried running it 5 times, but is hangs while Scanning. It states, “Pending. Please uncheck elements you don’t want to remove”, but proceeds not further.

I have attached the screen shot…

if there is lots of crap, it may use some time…
you may try run it from safe mode

Thanks. I’ll give that a shot.

I did try running adwcleaner.exe, but it still hung in Safe Mode (for over 3.5 hours).

However, I shut down the computer and restarted it the next day and everything seems to be working fine now. I’m not sure if it’s something we did or if the new version of Avast! (which automatically installed) solved the issue.

At any rate, Avast! seems to be causing no conflicts at the moment.

The problem was the proxy server, removing that with FRST cured the problem. Is all well now ?

Yes. All seems to be well now. (By the way, what exactly does adwcleaner.exe do?)

Thanks!

AdwCleaner removes all traces of adware that it knows about from the computer

Subject to no further problems :slight_smile:

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so…The following will implement some cleanup procedures as well as reset System Restore points:

Download and run Delfix

https://dl.dropboxusercontent.com/u/73555776/delfix.JPG

: Keep Java Updated :

WARNING: Java is the #1 exploited program at this time. The Department of Homeland Security recommends that computer users disable Java
See this article

I would recommend that you completely uninstall Java unless you need it to run an important software.
In that instance I would recommend that you disable Java in your browsers until you need it for that software and then enable it. (See How to diasble Java in your web browser and How to unplug Java from the browser)

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:

CryptoPrevent install this programme to lock down and prevent crypto ransome ware

https://dl.dropboxusercontent.com/u/73555776/CryptoPrevent.JPG

Malwarebytes.

Update and run weekly to keep your system clean

It is critical to have both a firewall and anti virus to protect your system and to keep them updated.

To learn more about how to protect yourself while on the internet read this little guide Best security practices Keep safe :wave:

Thanks for all your help!