Help with Alureon Please check my log files

[essexboy]

Whoops just saw your other post, delfix will reset your hidden files as part of its' routine

[VJack]

I ran Delfix and the transparent icons are gone from the desktop. 

Cryptoprevent is different from the screenshot you posted. I have an additional option that says - Protect %userprofile% / %programdata% / Startup Folder
Should I check that box also? Does this run in the background or is it something I need to initiate regularly? What does this tool do exactly?

I have Malwarbytes on my computer from 2012. Should I uninstall and re-install a new version? Obviously I didn't run it regularly or wouldn't have gotten a virus. I will run it regularly.

Right now Avast! and MSE are running in the taskbar, is this acceptable or will they conflict?

I Need help with updating Java. The install security updates was incomplete. Tried to look at help files and I do not know what to do. Maybe you can direct me to a download link? Windows Vista Home Premium Service pack 2 32-bit OS

Thanks for all your help! I will be recommending avast!  to friends & family.
Sincere Thanx, Virginia

[essexboy]

Oops they have updated it again..  Yes check the boxes, cryptoprevent is a fire and forget programme it adjusts the registry so that known malware cannot run from its known launch folders. Check the programme monthly for updates by using the update checker within the programme 

I would recommend disabling MSE :
Open the MSE GUI (doube-click tray icon or use the Start menu shortcut), select Settings , Real-time protection and deselect the Turn on real-time protection option.


OK for Java lets go the easy way :

Download Javara from here http://singularlabs.com/software/javara/  the download link is on the right hand side
Run the programme and select update Java runtime
Once it is done then uninstall Javara

For malwarebytes run the programme and select Update and it will then download the latest

[VJack]

I am in a mess now. When I clicked on your link to install javara I believe I downloaded the zipextractor on the page by mistake and when unzipped it installed a virus checker called  Websteroids and Speedcleaner I was able to uninstall. (see screenshot of add/remove programs - Installcoverter bundle. It will not let me uninstall). it states I do not have permission. I have no idea how to change permissions. I can click on the exe file and Run as Administrator but I cannot stop it in the task manager long enough to uninstall it!

I am now receiving popups and page hijacks (see the screenshots) One hijack page has avast in it!(below)
 http://n11.adshostnet.com/ads?key=8cddb633571d69198083fbe9c2fe7a48&keyvalue1=forum.avast.com
&keyvalue2=72771&keyvalue3=TSCP&keyvalue4=666F72756D2E61766173742E636F6D&appendvalue1=TSCP&ch=forum.avast.com

What was this generated by? An affiliate link?

Please help me get this new issue resolved. I see you have many other issues pending and appreciate all the time you have already assited me with. Thanx, Virginia

[VJack]

This is all my fault from clicking the Ad on the Javara page I thought was the Download button. See screenshots.  I have flashing pop ups floating on top of the browser.  The link address for the flashing popup also has avast in it! http://www.medtech-itsupport.com/rp/?aff_id=forum.avast.com
Seems as though avast is an affiliate?

I will run the adware cleaner you suggested earlier.

[VJack]

I used the adware cleaner and so far so good it may be gone. Can you look at my log. Thanks,  Virginia

Otherwise all other issues were resolved-
I got Java to install with JAVARA and will disable in all browsers until needed.
MSE real time protection OFF
Cryptoprevent installed and running
avast running
I will update Malwarebytes but was distracted by the trouble with JAVA and this new popup adware issue.

[VJack]

Ran MBAM and Websteroids from the above bad download showed up among other things. I do not know what to delete. Can you tell me what to delete by looking at the log?

[essexboy]

Take the lot out with MBAM and run OTL so that I can remove any that have been missed ..  I think I will make my download links direct now rather than just go to the page

Download OTL  to your Desktop
Secondary link

• Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.

• Select All Users
  
• Select LOP and Purity
• Under the Custom Scan box paste this in

netsvcs
BASESERVICES
%SYSTEMDRIVE%\*.exe
c:\program files (x86)\Google\Desktop
c:\program files\Google\Desktop
CREATERESTOREPOINT

• Click the Run Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
  
  • When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
    
  • Attach  both logs