XP Updates?

[Mark Twain]

Hello Paul,


I provided all the pictures versus trying to
explain what I was seeing. I thought it would
be easier

I barely see the SunJavaUpdate myself but
how can I click on a Autoruns image to find the
program path?

I tried to zoom in on the SunJavaUpdate icon but it just blurs. I
haven't run Autoruns since I was working with you and at this time
I'm still working with the malwarebytes forum person.

Could this be it with two JAVA entries? (hopefully you can make it out)

I found Findopolis in Program and Features and
tried to uninstall it but it said an error occurred
and do I want to remove it from the list and I
clicked yes and removed it.

I couldn't find FreeSoft Today. Remote Desktop Access
or Windows Manager Protect but I seem to remember
that I removed FreeSoft Today before?

I checked and I didn't see any Farbar entries in
the Program and Features.

I still use JAVA but I'm very leery of opening it
as it may be corrupted. Maybe I should just remove it
and then reinstall it but there are (2) entries for
JAVA.

So if I reinstall JAVA I should use the JRE then you're
suggesting either of these but the offline is better?

Windows x86 Offline 32.17 MB jre-8u20-windows-i586.exe
Windows x64 91.68 MB jre-8u20-windows-x64.exe <---

Oh jeeeeeez ,.. I've already run Dellfix!@!@!

I don't use CcCleaner,... I've been working on these two
computers non-stop for awhile just to get them up and
running again that I forgot and I'm getting a little
overwhelmed with all the antivirus, anti-malware, programs
besides all the technical data he gave me to read. It takes
allot of time for me to digest all of this.

Damn! I thought those link he gave were the source ! I've
already installed malwarebytes Anti-Exploit.

That was my very concern, with so many programs I worry
about them conflicting with one another and messy up my
computer. I may be wrong but it seems to me overkill. I
like to have my computer as lean as possible.

I don't use my USB all that much. Only to upload pictures
from my camera is about all.

Most of these programs I had never heard of including
CryptoPrevent which is why I asked you to take a look at
them and also because I felt we weren't finished and that
I was still infected but I'm just following instructions.

So you recommend deleting CrytpPrevent, Unchecky, Adblock?

Your concern about FileHippo echoes mine exactly and I'm
very, very leery of it. As I said its showing my JAVA needs
updating when I had just installed it the previous day.

Part of the problem also is that I'm disabled and I don't
want to be spending more time just to keep these programs
updated than the time I spend on the computer itself and I
agree I don't want to turn my computer into a 747 cockpit
which is what its starting to look like!

I think I'll take your suggestions and remove the installed
programs and leave those that you recommend.

Thanks for taking the time to respond and explain things to
me I really appreciate it.

Robert

 

[Mark Twain]

Oh, I get it

You pointed the arrow to the one I am suppose to use

The big ones (offline) are the safe ones. The one to use
depends on whether your Windows is 32 bit or 64 bit. Based
on the giant RAM memory your 8500 has, you want 64 bit, as
Dell would be silly to install anything other than an x64 OS.

Windows x86 Offline 32.17 MB jre-8u20-windows-i586.exe
Windows x64 91.68 MB jre-8u20-windows-x64.exe <---

 

[Paul]

Oh, I get it

You pointed the arrow to the one I am suppose to use

The big ones (offline) are the safe ones. The one to use
depends on whether your Windows is 32 bit or 64 bit. Based
on the giant RAM memory your 8500 has, you want 64 bit, as
Dell would be silly to install anything other than an x64 OS.

Windows x86 Offline 32.17 MB jre-8u20-windows-i586.exe
Windows x64 91.68 MB jre-8u20-windows-x64.exe <---

That should be the 64 bit offline one. The one with the
arrow. If it is the wrong one, the installer would tell
you anyway.

*******

The purpose of attempting to uninstall the Java
first, is to see whether any remnants are still around,
and whether you still need it.

Java on an end-user machine is used a couple of
ways. You can download a program, in the same way
you'd download Firefox or Chroms and run the program.
And the Java library that is installed first, supports
the operation of a Java-based program.

There aren't many free programs of that type. I had a
commercial program (VPN software for work) which
used Java in that way. That was a reason I needed to
keep Java loaded, so I could connect (securely) to
work in the evenings.

A more popular way of using Java, is Java games in the browser.
There may be a Java tick box in the browser preferences, and
if a Java game comes along, then you're ready for it.
For example, I temporarily installed Java one day, because
there was a "3D" Java demo I wanted to try out. But after
the demo was done, I un-installed Java again. Currently,
I have no Java dependencies on the machine, so I can leave
it uninstalled.

Due to the amount of maintenance and concern Java causes,
if it was my machine, I'd uninstall it and see what things
"complained" they had no Java. Rather than leaving it installed,
having to get updates for it regularly, and so on.

Paul

 

[Paul]

Hello Paul,


I provided all the pictures versus trying to
explain what I was seeing. I thought it would
be easier

I barely see the SunJavaUpdate myself but
how can I click on a Autoruns image to find the
program path?

I tried to zoom in on the SunJavaUpdate icon but it just blurs. I
haven't run Autoruns since I was working with you and at this time
I'm still working with the malwarebytes forum person.

Could this be it with two JAVA entries? (hopefully you can make it out)

I found Findopolis in Program and Features and
tried to uninstall it but it said an error occurred
and do I want to remove it from the list and I
clicked yes and removed it.

I couldn't find FreeSoft Today. Remote Desktop Access
or Windows Manager Protect but I seem to remember
that I removed FreeSoft Today before?

I checked and I didn't see any Farbar entries in
the Program and Features.

I still use JAVA but I'm very leery of opening it
as it may be corrupted. Maybe I should just remove it
and then reinstall it but there are (2) entries for
JAVA.

So if I reinstall JAVA I should use the JRE then you're
suggesting either of these but the offline is better?

Windows x86 Offline 32.17 MB jre-8u20-windows-i586.exe
Windows x64 91.68 MB jre-8u20-windows-x64.exe <---

Oh jeeeeeez ,.. I've already run Dellfix!@!@!

I don't use CcCleaner,... I've been working on these two
computers non-stop for awhile just to get them up and
running again that I forgot and I'm getting a little
overwhelmed with all the antivirus, anti-malware, programs
besides all the technical data he gave me to read. It takes
allot of time for me to digest all of this.

Damn! I thought those link he gave were the source ! I've
already installed malwarebytes Anti-Exploit.

That was my very concern, with so many programs I worry
about them conflicting with one another and messy up my
computer. I may be wrong but it seems to me overkill. I
like to have my computer as lean as possible.

I don't use my USB all that much. Only to upload pictures
from my camera is about all.

Most of these programs I had never heard of including
CryptoPrevent which is why I asked you to take a look at
them and also because I felt we weren't finished and that
I was still infected but I'm just following instructions.

So you recommend deleting CrytpPrevent, Unchecky, Adblock?

Your concern about FileHippo echoes mine exactly and I'm
very, very leery of it. As I said its showing my JAVA needs
updating when I had just installed it the previous day.

Part of the problem also is that I'm disabled and I don't
want to be spending more time just to keep these programs
updated than the time I spend on the computer itself and I
agree I don't want to turn my computer into a 747 cockpit
which is what its starting to look like!

I think I'll take your suggestions and remove the installed
programs and leave those that you recommend.

Thanks for taking the time to respond and explain things to
me I really appreciate it.

Robert

DelFix is supposed to remove left-overs from things
like FRST (Farbar). It should not affect the other list
of things.

*******

TwinHeadEagle list of programs. These are *optional*. They
may help slightly, keeping the machine clean. But new threats
appear all the time. And even the most prepared organizations
get hit. One day at work, we had the best AV money could buy,
with multiple AV updates every day, and we got a worm on the
network and it tool all day to clean up. A "Doh" moment for
the IT department.

MBAB - you're already using it.

Malwarebytes' Anti-Exploit - should complement your other programs

McShield - Minor improvement, for USB based infection vector.

CryptoPrevent - The original program basically used some
"software restrict" policies, to armor the
machine. The feature set on the current version
looks a little to "ambitious and busy" for ordinary
users. It could interact with normal operation of
the machine, and cause you to "need to read the
manual" for the program.

Regular backups, stored on a hard drive not normally
connected to the computer, is better than nothing to
protect against this. It's also possible MBAE uses
rules like that.

Unchecky - Probably not a lot of side effects. Will need to be updated
once in a while, to deal with new Toolbar installer GUIs.

FileHippo.com Update Checker - You seem to know enough about
doing updates, to not need this.

Adblock - Purely optional. Some pages will not render completely
in a browser, if the advertising is blocked. So some
fiddling may be involved with Adblock or Adblock Plus.

If you installed none of them, you've still got an AV loaded,
which is a start. You're not completely unprotected. And the
new MBAE you've added, likely covers a good percentage of what
some of the other items in the list are trying to do.

And do some Java testing, and satisfy yourself the popup
really does belong to Java. If Java is un-installed, the
popup should be gone. Look in Programs and Features, check
carefully what you're removing.

*******

If you extend the Autoruns window sideways a bit, the
file path information may become visible.

Is C:\FRST empty now ? Once the quarantined content
is gone from there, your AV software scan should be
clean again.

Paul

 

[Mark Twain]

Hello Paul,

It seems that the malwarebytes forum
thread is now closed.

I couldn't find TFC, or Adblock but
I deleted FileHippo and CryptoPrevent.
The JAVA pop-up is gone but should I
uninstall then re-install JAVA just
to make sure things are working correctly?

I know that you gave me the links for
Firefox but where would I find the
downloads for other programs e.g. Adobe
that need updating periodically ?

Here's the list in Program and Features of
what I have on my computer

Is there anything else that you would recommend ?

Thanks,
Robert

 

[Mark Twain]

Hello Paul,

It seems that the malwarebytes forum
thread is now closed.

I couldn't find TFC, or Adblock but
I deleted FileHippo and CryptoPrevent.
The JAVA pop-up is gone but should I
uninstall then re-install JAVA just
to make sure things are working correctly?

I know that you gave me the links for
Firefox but where would I find the
downloads for other programs e.g. Adobe
that need updating periodically ?

Here's the list in Program and Features of
what I have on my computer

Is there anything else that you would recommend ?

Thanks,
Robert

 

[Paul]

Hello Paul,

It seems that the malwarebytes forum
thread is now closed.

I couldn't find TFC, or Adblock but
I deleted FileHippo and CryptoPrevent.
The JAVA pop-up is gone but should I
uninstall then re-install JAVA just
to make sure things are working correctly?

I know that you gave me the links for
Firefox but where would I find the
downloads for other programs e.g. Adobe
that need updating periodically ?

Here's the list in Program and Features of
what I have on my computer

Is there anything else that you would recommend ?

Thanks,
Robert

Do you see this in any browser windows ?

http://www.anvisoft.com/resources/wp-content/uploads/2014/07/Istart123.com-homepage.jpg

You have "istart123" in your Program list. That
would be more junkware. I'm surprised it wasn't
removed. Perhaps it was removed, and just the
entry in the Program list remains ? If so, that's OK.
I would look in the C:\Program Files type directories,
for signs of it. Of course it could be named anything,
just to hide itself. The only reason for checking
in C:\Program Files is to see if it has been removed
by something already.

*******

You have Java 7 installed on the machine. Maybe you
can have more than one version of Java present, and
that's how it got on there.

The Java popup could come back, if there is a
pending update for Java 7. It's possible the
other thing you had was Java 8.

*******

Many of the other items, have updaters that check
at startup, whether an update is needed. They contact
the web site and check for updates. I don't know
if there's that much incentive to override the automatic
updates and install them manually. For example, to update
Adobe Flash, you have to find the right page with a full
installer, if you want to remove all doubt about what
to install. The only reason I don't like the Adobe "web"
based method of updating, is the number of failures
people report.

So there are two issues there for you. Do you see
occasional requests for Adobe Flash updates ? And
are they in the form of a dialog box which is actually
from Adobe ?

I use items from "Flash Player archives", which are
not necessarily in the correct order. You have to
scroll down the page, to find that area of the archive.

http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html

(Released 7/8/2014) Flash Player 14.0.0.145 (167 MB)

That one is relatively old. Maybe that's the version
you've got already. And actually, it is. That's the one
you're running. And I don't see any newer ones in the 14.X
series.

I think the files inside those, are for Mac and Windows.

So at the moment, there is nothing for you to download.
Maybe that means the Adobe Flash Updater is running,
and doing this work for you.

I'd say you were in pretty good shape. Just the
istart123 needs to be checked out. Maybe the
entry in Programs and Features isn't really there,
and an attempt to remove it will return a suitable
warning message there is nothing to uninstall.

I wouldn't leave the Java 7 there, unless you really needed it.
At one time, I was all in favor of Java, and liked to play
with the programs when Java was young. But the amount of
exploits made a joke of the "hardening" Sun Microsystems
put into Java. Now, it's like a Swiss Cheese. The only
reason I'd be leaving it on the machine, is if I bought
expensive software, and the expensive software absolutely
needed it.

Paul

 

[Mark Twain]

Hello Paul,

To answer your questions;

No, I do not see the image provided on
any browser window.

I uninstalled istart123

Regarding Java, all I see is

Java 7 Update 67
Java 7 Update 67 (64 bit)

So if I uninstall Java which one or both?
Can you give me a good reliable source to
re-install it? That way I'll know it's good.

hmmmmm, I can't honestly remember seeing
updates for Adobe flash player, and even
if so how do I know the update is actually
from Adobe and not a rogue virus?

Thanks,
Robert

 

[Paul]

Hello Paul,

To answer your questions;

No, I do not see the image provided on
any browser window.

I uninstalled istart123

Regarding Java, all I see is

Java 7 Update 67
Java 7 Update 67 (64 bit)

So if I uninstall Java which one or both?
Can you give me a good reliable source to
re-install it? That way I'll know it's good.

hmmmmm, I can't honestly remember seeing
updates for Adobe flash player, and even
if so how do I know the update is actually
from Adobe and not a rogue virus?

Thanks,
Robert

Your Adobe Flash is likely updating itself, if you
aren't doing it.

Your version matches the 14.0.0.145 I see in the list
here, so there is nothing for you to do.

http://helpx.adobe.com/flash-player/kb/archived-flash-player-versions.html

You can check the Flash control panel, and look
to see if the updates are on automatic or not.
The top radio button is for automatic (as shown by
the arrow).

http://i62.tinypic.com/2w1xq3t.gif

*******

This page is just for looking at. The Java 8 stream
is at 8u20.

The Java 7 stream is at 7u67. Which is the one you
currently have installed. The text just above 7u67 says
that "End users running Java on the desktop: JRE"
so it is the JRE download you want. We go to that page.

On this page, click the "Accept License Agreement". That's
so the download buttons will work.

http://www.oracle.com/technetwork/java/javase/downloads/jre7-downloads-1880261.html

Your Windows 7 (8500) machine would use the 64 bit one.

Windows x64 29.58 MB jre-7u67-windows-x64.exe

That one doesn't say "Windows x64 Offline", but based
on the size, that is what you are getting. And hope
there is no toolbar or Chrome hiding in there

I don't really understand how you got two Javas, unless
ons is 32 bit, one is 64 bit, and the purpose of this
overkill is so that both 32 bit and 64 bit browsers
get Java. I don't use Java enough, to have faced that
question before. If you did want the 32 bit one for
some reason (Firefox is 32 bit only for example),
then you could download and store this some place for
a rainy day.

Windows x86 Offline 28.06 MB jre-7u67-windows-i586.exe

When you select an "Offline" one, the file is big and is
intended to be a complete file. No fooling around. This is
not a stub installer that needs a working Internet or
anything.

Paul

 

[Mark Twain]

Hello Paul,

I went to the control panel to check
my Adobe flash setting's and this is
what I see:

I clicked on settings>advanced and
this is what it gave me:

Shouldn't my Flash player be 64 bit?
As my Dell 8500 is a 64-bit computer?

I'm not seeing the Java 8 stream your
referring to. Hmmmm if Firefox is only
32 bit that would explain why my Flash
player is 32 bit versus 64 bit but doesn't
a 32 bit program cause conflicts with
a 64 bit computer?

I'm sort of leery of uninstalling/reinstalling
Java now and possibly messing things up.

Robert

 

[Mark Twain]

Hello Paul,

Tonight when logging on the computer
gave me this:

Since I didn't know if this was legitimate or not
I closed it. Again, how is one to know if these
are or aren't safe to use?

I'm gun-shy of clicking on anything anymore.

Robert

 

[Mark Twain]

Hello Paul,

Tonight when logging on the computer
gave me this:

Since I didn't know if this was legitimate or not
I closed it. Again, how is one to know if these
are or aren't safe to use?

It also gave me this:

This comes up periodically but I never use this to
update my computer.

Robert

 

[Hot-Text]

Hello Paul,

Tonight when logging on the computer
gave me this:

Yea it ok
So you can in all are turn off Auto Updata

Paul can help with that

Since I didn't know if this was legitimate or not
I closed it. Again, how is one to know if these
are or aren't safe to use?

It also gave me this:

That good for it popup on the Free one ever 24 hours
You Close it

This comes up periodically but I never use this to
update my computer.

Robert

So one Month you a Paul
Been working in that PC
Good Job look Fix and up to date

 

[Paul]

Hello Paul,

Tonight when logging on the computer
gave me this:

Since I didn't know if this was legitimate or not
I closed it. Again, how is one to know if these
are or aren't safe to use?

It also gave me this:

This comes up periodically but I never use this to
update my computer.

Robert

I would attempt to use Process Explorer from
Sysinternals.com to find out where the program
comes from It if comes from the Avast programs
folder, then it could be legitimate. If you
do some basic legitimacy checking, you could
click it and see the list of programs it thinks
need updating.

If you go back to the Flash control panel,
the tab where you set the update options
probably controls what response it makes.
Perhaps you selected "inform me before downloading"
or something similar ?

I just checked here, and it looks like the 145 you
are using is replaced by minor update 176.

http://www.adobe.com/software/flash/about/

If you accept the Flash update when it offers that
to you, then the download may be smaller (for a web update),
than if using the archived installer files.

Some of these are a trade-off of complexity
versus thoroughness. I like the full Adobe
installer, simply because there are fewer
reports of that screwing up. There are more
cases, where a web update screws up Flash.
If that were to happen, you would attempt to
remove it, followed by using the large
archive file to do the install.

Paul

 

[Mark Twain]

Hello Paul,

It sure seems like allot of work just
to check to see if a download is
legitimate or not but I guess it's
better to be safe than sorry. I thought
computers were suppose to make life
easier *L*

I went into my Flash settings and changed
it to allow Adobe to install updates.

As far as Avast is concerned; I would need to
open up it up and see just which programs it's
wanting to update but it doesn't actually give
a pop-up per se, it just lists the programs needing
an update if I recall so how would Sysinternals.com
work in that situation?

I suppose I could download the file and not execute
it and then check it?

I still haven't had the time to even check out the new
programs or how they work.

Thoughts/suggestions ?
Robert

 

[Paul]

Hello Paul,

It sure seems like allot of work just
to check to see if a download is
legitimate or not but I guess it's
better to be safe than sorry. I thought
computers were suppose to make life
easier *L*

I went into my Flash settings and changed
it to allow Adobe to install updates.

As far as Avast is concerned; I would need to
open up it up and see just which programs it's
wanting to update but it doesn't actually give
a pop-up per se, it just lists the programs needing
an update if I recall so how would Sysinternals.com
work in that situation?

I suppose I could download the file and not execute
it and then check it?

I still haven't had the time to even check out the new
programs or how they work.

Thoughts/suggestions ?
Robert

In your first picture, Adobe Flash is set to update itself.

*******

You would check the settings on Avast, to see if
there is a way to disable the Update Dialog. That's
if it bothers you. Otherwise, click it and find
out what it is complaining about. Chances are, it is
complaining about Flash, since your picture above shows
the current version as 145 and the new version as 167.
Your Firefox probably updates itself, so that isn't it.

The Sysinternals Autoruns is handy for controlling
programs that don't have a Preferences or Options
dialog. Like toolbars and stuff. The Autoruns program,
allows you to disable Startup items, so you can
test and see if a particular item might be causing
a particular dialog at startup perhaps. Or, if the
unticked item in there, becomes ticked again,
then you'd suspect that something is running on
the machine, that wants to undo such a change.
I think I've had a legit program do that once.
While a toolbar would do stuff like that, some
software developers like to try that stuff on
regular programs.

There is no pressing need for you to use Autoruns
right now, because as far as I know, your Toolbar
problem is cleaned up again. So hopefully no more
experiments or guided help on that front.

Paul

 

[Mark Twain]

Hello Paul,

I checked, and my settings for Adobe Flash
is identical to the first picture. However if it
is set for automatic updates then shouldn't it
download and install version 167 or is that
something I have to do?

Next time Avast updates pops up I'll have a
look at it.

I still have to check out all the other programs
e.g. Unchecky, malwarebytes Anti-Exploit and
Mc Shield.

Thanks,
Robert

 

[Paul]

Hello Paul,

I checked, and my settings for Adobe Flash
is identical to the first picture. However if it
is set for automatic updates then shouldn't it
download and install version 167 or is that
something I have to do?

Next time Avast updates pops up I'll have a
look at it.

I still have to check out all the other programs
e.g. Unchecky, malwarebytes Anti-Exploit and
Mc Shield.

Thanks,
Robert

Go back and look at your Flash control panel dialog again.

http://i60.tinypic.com/imozfp.jpg

There is an option in there "Check Now", that
allows the user to rush the process along, and
do the download right this instant.

I expect the thing checks only once in a while,
like after a reboot. But if you want, you can
use the Flash control panel, to have it
do a query manually as to whether it is
up to date or not. See if that eventually
gets you to the newer (167?) update or not.

Paul

 

[Mark Twain]

Hello Paul,

I did as you suggested but instead of 167
it gave me 15.0.0.152.

I downloaded/installed it and didn't seem to
have any issues.

I tried to look for the Flash player on the
8200 so that I could update it as well but
couldn't find it.

Robert

 

[Mark Twain]

As soon as I posted my message the Avast pop-up
for updates appeared.

Oddly, everything is up to date so why am I getting
the pop-ups?

Robert