Solved Easylifeapp virus

Hi,

JavaRa now run and removed older version.

Same issue is occurring, still can't download newest Java (as explained above).

Don't seem to be having any problems with regards to the easylifeapp virus, seems to have dissapeared.
 
Thanks for that. OK have sucessfully downloaded Java. I downloaded the 64bit version, as far as I'm aware that is what my system is. Although when using chrome it says: "[LEFT][FONT=Helvetica Neue]We have detected you may be viewing this page in a 32-bit browser." -[/FONT][/LEFT][LEFT][FONT=Helvetica Neue] but my attempt to download the 32 bit version failed once again.[/FONT][/LEFT][LEFT][FONT=Helvetica Neue][/FONT][/LEFT]
 
You have 64-bit system so you have to install both Java versions.

If not other issues...

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. (Windows XP only) Run defrag at your convenience.

12. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

13. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

14. Please, let me know, how your computer is doing.
 
Ok, Well I have downloaded Java 64bit version, but the above issues keep happening with regards to the 32 bit version (wizard was interrupted, then 'browserlauncherror:87'.

Shall I now do the above steps you have advised, or can I not do them until I have 32 bit version?

Sorry for being a bit stupid here.

EDIT: Oh, and did I have any trojans, rootkits or bootkits ?
 
Sorry, can't download 32-bit Java on either firefox or chrome.

I can't use IE on this laptop, it is there but doesn't work and hasn't worked for a long time. It wasn't working once so I tried to uninstall it and then it was bust for ever. But that's a whole new problem we don't need to go down!

Sorry about all of this.
 
Thanks, but the same thing happens - Java Setup Welcome pops up, so I click on INSTALL. Then Java Setup Process pops up, then Java Setup pops up saying: "Installation failed. The Wizard was interrupted before Java7 Update 17 could be completely installed. To complete installation another time, please run setup again.... Click OK to exit the Wizard." Then there is a box underneath that is checked which says 'Open Java Help'. I click on OK, then something else pops up with a cross saying 'BrowserLauchError:87'.

That happens when I try to do it in both firefox and chrome.

As for IE, I've had the problem so long I can't overly remember how it came about. Although a couple of years ago on this forum I posted:

I have been having some issues with Internet Explorer 9. Whenever I try and open it, it pops up on the screen for a milisecond then dissapears. It never opens.

I wanted to uninstall it, so went about it what I think is the proper way ( Start, type Programs and Features in the search box, Under Uninstall an update, scroll down to the Microsoft Windows section, then choose it). But when I do this it says: An error has occurred Not all of the updates were successfully uninstalled. If I try to turn it off, it says something similar.

I have tried to download a different type of IE, but it just tells me I have the most up to date version.

Weird.
 
Thanks. Am going to try and do all of the above today. First...

All processes killed
========== OTL ==========
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: AppData
->Temp folder emptied: 0 bytes

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes
->Flash cache emptied: 0 bytes

User: owner
->Temp folder emptied: 30873 bytes
->Temporary Internet Files folder emptied: 66340 bytes
->Java cache emptied: 463 bytes
->FireFox cache emptied: 8529873 bytes
->Google Chrome cache emptied: 12740277 bytes
->Flash cache emptied: 3919 bytes

User: Public
->Temp folder emptied: 0 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32 (64bit) .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 0 bytes
%systemroot%\sysnative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 0 bytes

Total Files Cleaned = 20.00 mb


[EMPTYFLASH]

User: All Users

User: AppData

User: Default
->Flash cache emptied: 0 bytes

User: Default User
->Flash cache emptied: 0 bytes

User: owner
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0.00 mb


[EMPTYJAVA]

User: All Users

User: AppData

User: Default

User: Default User

User: owner
->Java cache emptied: 0 bytes

User: Public

Total Java Files Cleaned = 0.00 mb

Restore point Set: OTL Restore Point

OTL by OldTimer - Version 3.2.69.0 log created on 03102013_090001

Files\Folders moved on Reboot...
C:\Users\owner\AppData\Local\Temp\FXSAPIDebugLogFile.txt moved successfully.

PendingFileRenameOperations files...

Registry entries deleted on Reboot...
 
OK all done. Thanks very much for your help.

Sadly, the IE fixit procedure.didn't work. Still IE just pops up for a milisecond and then dissapears.
 
Download Windows Repair (All in One) from this site

Install the program then run it.

NOTE 1. In Windows Vista, 7 and 8 right click on the program, click "Run As Administrator".
NOTE 2. Disable your antivirus program before running Windows Repair.


Go to Step 2 and allow it to run CheckDisk by clicking on Do It button:

p22002979.gif




Once that is done then go to Step 3 and allow it to run System File Check by clicking on Do It button:

p22002980.gif



Go to Step 4 and under "System Restore" click on Create button:

p22002982.gif



Go to Start Repairs tab and click Start button.

Leave all checkmarks as they're.
NOTE for Windows 8 users. Reset Registry Permissions is NOT checked by design.

Click on Start button.

p22003030.gif


Post Windows Repair log which is located in the following folder:
64-bit systems - C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs
32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs
 
For the 64 bit there are 7 notepad files. The top one is titled '_windows_repair_log'. I have copy and pasted that one below. The rest are either called 'windows_repair_hkey_classes_root_log_.... etc' or 'windows_repair_hkey_local_machine_3_log' etc. I am not sure if I am meant to copy and paste all of them as its quite a lot.

Running Repair Under System Account
Starting Repairs...
Start (10/03/2013 20:25:28)

Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (10/03/2013 20:25:28)
Running Repair Under Current User Account
Done (10/03/2013 20:25:37)

Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (10/03/2013 20:25:37)
Running Repair Under System Account
Done (10/03/2013 20:28:26)

Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (10/03/2013 20:28:26)
Running Repair Under System Account
Done (10/03/2013 20:29:29)

Register System Files
Start (10/03/2013 20:29:29)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:30:33)

Repair WMI
Start (10/03/2013 20:30:33)
Running Repair Under Current User Account
Invalid Global Switch.

Invalid Global Switch.

Running Repair Under System Account
Invalid Global Switch.

Invalid Global Switch.

Done (10/03/2013 20:34:18)

Repair Windows Firewall
Start (10/03/2013 20:34:18)
Running Repair Under Current User Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

Running Repair Under System Account
The Internet Connection Sharing (ICS) service is not started.

More help is available by typing NET HELPMSG 3521.

The Internet Connection Sharing (ICS) service could not be started.

The service did not report an error.

More help is available by typing NET HELPMSG 3534.

Done (10/03/2013 20:35:07)

Repair Internet Explorer
Start (10/03/2013 20:35:07)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:35:41)

Repair MDAC/MS Jet
Start (10/03/2013 20:35:41)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:36:11)

Repair Hosts File
Start (10/03/2013 20:36:11)
Running Repair Under System Account
Done (10/03/2013 20:36:13)

Remove Policies Set By Infections
Start (10/03/2013 20:36:13)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:36:18)

Repair Icons
Start (10/03/2013 20:36:18)
Running Repair Under System Account
Could Not Find C:\Users\owner\AppData\Local\IconCache.db.bak
Could Not Find C:\Users\owner\AppData\Local\IconCache.db
Done (10/03/2013 20:36:21)

Repair Winsock & DNS Cache
Start (10/03/2013 20:36:21)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:36:40)

Repair Proxy Settings
Start (10/03/2013 20:36:40)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:36:45)

Repair Windows Updates
Start (10/03/2013 20:36:45)
Running Repair Under Current User Account
The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

Access is denied.
Running Repair Under System Account
The Cryptographic Services service is not started.

More help is available by typing NET HELPMSG 3521.

The Background Intelligent Transfer Service service is not started.

More help is available by typing NET HELPMSG 3521.

The Windows Update service is not started.

More help is available by typing NET HELPMSG 3521.

Access is denied.
Done (10/03/2013 20:37:30)

Repair CD/DVD Missing/Not Working
Start (10/03/2013 20:37:30)
Done (10/03/2013 20:37:30)

Repair Volume Shadow Copy Service
Start (10/03/2013 20:37:30)
Running Repair Under Current User Account
The Volume Shadow Copy service is not started.

More help is available by typing NET HELPMSG 3521.

The Microsoft Software Shadow Copy Provider service is not started.

More help is available by typing NET HELPMSG 3521.

Running Repair Under System Account
The Volume Shadow Copy service is not started.

More help is available by typing NET HELPMSG 3521.

The Microsoft Software Shadow Copy Provider service is not started.

More help is available by typing NET HELPMSG 3521.

Done (10/03/2013 20:37:43)

Repair MSI (Windows Installer)
Start (10/03/2013 20:37:43)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:37:56)

Repair bat Association
Start (10/03/2013 20:37:56)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:01)

Repair cmd Association
Start (10/03/2013 20:38:01)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:06)

Repair com Association
Start (10/03/2013 20:38:06)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:10)

Repair Directory Association
Start (10/03/2013 20:38:11)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:15)

Repair Drive Association
Start (10/03/2013 20:38:15)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:20)

Repair exe Association
Start (10/03/2013 20:38:20)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:27)

Repair Folder Association
Start (10/03/2013 20:38:27)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:32)

Repair inf Association
Start (10/03/2013 20:38:32)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:37)

Repair lnk (Shortcuts) Association
Start (10/03/2013 20:38:37)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:41)

Repair msc Association
Start (10/03/2013 20:38:41)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:46)

Repair reg Association
Start (10/03/2013 20:38:46)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:51)

Repair scr Association
Start (10/03/2013 20:38:51)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:38:56)

Repair Windows Safe Mode
Start (10/03/2013 20:38:56)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:39:03)

Repair Print Spooler
Start (10/03/2013 20:39:03)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:39:14)

Restore Important Windows Services
Start (10/03/2013 20:39:14)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:39:21)

Set Windows Services To Default Startup
Start (10/03/2013 20:39:21)
Running Repair Under Current User Account
Running Repair Under System Account
Done (10/03/2013 20:39:44)

Cleaning up empty logs...

All Selected Repairs Done.
Done (10/03/2013 20:39:44)
Total Repair Time: 00:14:16


...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under System Account
 
Just realised that for '32-bit systems - C:\Program Files\Tweaking.com\Windows Repair (All in One)\Logs' , there doesn't appear to be such a thing. Tweaking.com only appears in C:\programfiles(x86).



EDIT: But IE is now working!!!
 
Excellent!

Your computer is clean

1. We need to reset system restore to prevent your computer from being accidentally reinfected by using some old restore point(s). We'll create fresh, clean restore point, using following OTL script:

Run OTL

  • Under the Custom Scans/Fixes box at the bottom, paste in the following:

Code:
:OTL
:Commands
[purity]
[emptytemp]
[EMPTYFLASH]
[emptyjava]
[CLEARALLRESTOREPOINTS]
[Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Post resulting log.

2. Now, we'll remove all tools, we used during our cleaning process

Clean up with OTL:

  • Double-click OTL.exe to start the program.
  • Close all other programs apart from OTL as this step will require a reboot
  • On the OTL main screen, press the CLEANUP button
  • Say Yes to the prompt and then allow the program to reboot your computer.

If you still have any tools or logs leftover on your computer you can go ahead and delete those off of your computer now.

3. Make sure, Windows Updates are current.

4. If any trojans, rootkits or bootkits were listed among your infection(s), make sure, you change all of your on-line important passwords (bank account(s), secured web sites, etc.) immediately!

5. Check if your browser plugins are up to date.
Firefox - https://www.mozilla.org/en-US/plugincheck/
other browsers: https://browsercheck.qualys.com/ (click on "Launch a quick scan now" link)

6. Download, and install WOT (Web OF Trust): http://www.mywot.com/. It'll warn you (in most cases) about dangerous web sites.

7. Run Malwarebytes "Quick scan" once in a while to assure safety of your computer.

8. Run Temporary File Cleaner (TFC) weekly.

9. Download and install Secunia Personal Software Inspector (PSI): https://www.techspot.com/downloads/4898-secunia-personal-software-inspector-psi.html. The Secunia PSI is a FREE security tool designed to detect vulnerable and out-dated programs and plug-ins which expose your PC to attacks. Run it weekly.

10. (optional) If you want to keep all your programs up to date, download and install FileHippo Update Checker.
The Update Checker will scan your computer for installed software, check the versions and then send this information to FileHippo.com to see if there are any newer releases.

11. (Windows XP only) Run defrag at your convenience.

12. When installing\updating ANY program, make sure you always select "Custom " installation, so you can UN-check any possible "drive-by-install" (foistware), like toolbars etc., which may try to install along with the legitimate program. Do NOT click "Next" button without looking at any given page.

13. Read:
How did I get infected?, With steps so it does not happen again!: http://www.bleepingcomputer.com/forums/topic2520.html
Simple and easy ways to keep your computer safe and secure on the Internet: http://www.bleepingcomputer.com/tutorials/keep-your-computer-safe-online/

14. Please, let me know, how your computer is doing.
 
OK I did all of the above earlier, before I highlighted the IE problem, so think it should be OK unless you say otherwise.

Thanks you so much for all of your help, it is very good of you and much appreciated.
 
Back