Jump to content

SAS detected Trojan fakes


fdisd

Recommended Posts

Hello,
    
 
They call me TwinHeadedEagle around here, and I'll be working with you.
 
     
    
Before we start please read and note the following:

  • Limit your internet access to posting here, some infections just wait to steal typed-in passwords.
  • Please be patient. I know it is frustrating when your PC isn't working properly, but malware removal takes time.
  • Don't run any scripts or tools on your own, unsupervised usage may cause more harm than good.
  • Do not paste the logs in your posts, attachments make my work easier. There is a More reply options button, that gives you Upload Files option below which you can use to attach your reports. Always attach reports from all tools.
  • Always execute my instructions in given order. If for some reason you cannot completely follow one instruction, inform me about that.
  • Stay with me to the end, the absence of symptoms doesn't mean that your machine is fully operational.
  • Note that we may live in totally different time zones, what may cause some delays between answers.
  • Do not ask for help for your business PC. Companies are making revenue via computers, so it is good thing to pay someone to repair it.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.

:excl: I can't foresee everything, so if anything unexpected happens, please stop and inform me!
:excl: There are no silly questions. Never be afraid to ask if in doubt!
 
 
 
  warning.gif Rules and policies
 
We won't support any piracy.
That being told, if any evidence of illegal OS, software, cracks/keygens or any other will be revealed, any further assistance will be suspended. If you are aware that there is this kind of stuff on your machine, remove it before proceeding!
The same applies to any use of P2P software: uTorrent, BitTorrent, Vuze, Kazaa, Ares... We don't provide any help for P2P, except for their removal. All P2P software has to be uninstalled or at least fully disabled before proceeding!
 
Failure to follow these guidelines will result with closing your topic and withdrawning any assistance.
 
 
 
 
Download 51a5f31352b88-icon_MBAR.pngMalwarebytes Anti-Rootkit to your desktop.

  • Double-click the icon to start the tool.
  • It will ask you where to extract it, then it will start.
  • Warning! Malwarebytes Anti-Rootkit needs to be run from an account with administrator rights.
  • Click in the introduction screen "next" to continue.
  • Click in the following screen "Update" to obtain the latest malware definitions.
  • Once the update is complete select "Next" and click "Scan".
  • When the scan is finished and no malware has been found select "Exit".
  • If malware was detected, make sure to check all the items and click "Cleanup". Reboot your computer.
  • Open the MBAR folder and paste the content of the following files in your next reply:
    • "mbar-log-{date} (xx-xx-xx).txt"
    • "system-log.txt"

 

 

FRST.gif Scan with Farbar Recovery Scan Tool
 
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Make sure that Addition option is checked.
  • Press Scan button and wait.
  • The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.

Please include their content into your next reply.

Link to post
Share on other sites

Trojan.Agent/Gen-Backdoor[FakeAlert]

    C:\WINDOWS\TEMP\AAF1E360-020D-42B8-A3B5-63500EDC5878\CSRSS.EXE

    C:\WINDOWS\TEMP\032FCB01-D7B6-4F74-B541-7E611B6DA71C\CSRSS.EXE

    C:\WINDOWS\TEMP\08A985F6-8BB9-40CA-9649-5CD2D35FFDF5\FIREFOX.EXE

    C:\WINDOWS\TEMP\3A60357D-D91C-44E0-9422-90ADFA3286F8\CSRSS.EXE

    C:\WINDOWS\TEMP\4931AB6C-5583-4A2D-B12A-57E8BA54615D\CSRSS.EXE

    C:\WINDOWS\TEMP\79E7D86F-D2E3-4373-B5B1-27537EAD9399\SERVICES.EXE

    C:\WINDOWS\TEMP\7A50273A-FF43-447B-AFCF-7FBA4BF9C84D\SERVICES.EXE

    C:\WINDOWS\TEMP\9246A5B7-E997-4553-BA3A-15C38AB8C48B\SERVICES.EXE

    C:\WINDOWS\TEMP\899017B8-4F55-4BA7-97F1-96D60B498B42\FIREFOX.EXE

    C:\WINDOWS\TEMP\915F960F-DBF7-4618-8887-DB7CC6ADBE28\LSASS.EXE

    C:\WINDOWS\TEMP\ADA8CB60-DA22-4D88-ABA1-157C84784277\SERVICES.EXE

    C:\WINDOWS\TEMP\B5ACCE68-5821-4B4E-9E46-94D0D17FFA93\LSASS.EXE

    C:\WINDOWS\TEMP\BCD40C26-9CD1-4E9C-9011-48073B05E554\CSRSS.EXE

    C:\WINDOWS\TEMP\BD216E28-3EDC-46EE-95B1-15022C19C86A\CSRSS.EXE

    C:\WINDOWS\TEMP\C8EE703A-BFD4-40EA-95F9-02FD8EF83962\CSRSS.EXE

    C:\WINDOWS\TEMP\E9292ED0-6238-4A83-8CD3-10C930BB9D47\CSRSS.EXE

    C:\WINDOWS\TEMP\F2B157F9-8DAE-4B0F-9C00-0EDFAF58F9F9\LSASS.EXE

    C:\WINDOWS\TEMP\F42BA49B-D29E-429D-8231-F79EA27A224A\LSASS.EXE

Trojan.Dropper/SVCHost-Fake

    C:\WINDOWS\TEMP\03108808-F4CE-4BF5-8F5C-F05996C7A37F\SVCHOST.EXE

    C:\WINDOWS\TEMP\08F55994-6399-438D-8EE5-66E019DF5C36\SVCHOST.EXE

    C:\WINDOWS\TEMP\091B96F3-7203-40C9-AFF7-C31141C5B4E3\SVCHOST.EXE

    C:\WINDOWS\TEMP\0B6C3D57-1574-47CC-9E96-9BD3E3DE0872\SVCHOST.EXE

    C:\WINDOWS\TEMP\14E57378-B844-4B34-B439-72647B2F8BBA\SVCHOST.EXE

    C:\WINDOWS\TEMP\1C26E4D6-E93C-4741-9419-317FD217E888\SVCHOST.EXE

    C:\WINDOWS\TEMP\240FFACD-E208-4871-A17A-F0195F89A516\SVCHOST.EXE

    C:\WINDOWS\TEMP\24198577-D686-4A7C-BC16-27C48DE2887B\SVCHOST.EXE

    C:\WINDOWS\TEMP\26FB5CB5-79EA-456F-ADAE-A5760A2755C1\SVCHOST.EXE

    C:\WINDOWS\TEMP\27548B64-D052-4437-A2CC-DD22403A019F\SVCHOST.EXE

    C:\WINDOWS\TEMP\29175507-8231-4600-91EC-9C14D554FDA7\SVCHOST.EXE

    C:\WINDOWS\TEMP\296C230D-A9CF-4875-A7C3-64E4F14F6BE9\SVCHOST.EXE

    C:\WINDOWS\TEMP\2D5374AF-D028-4117-95F1-E5D9EF69A9FA\SVCHOST.EXE

    C:\WINDOWS\TEMP\3C41CEFA-B37A-4FFC-AB3D-EEBC85A8433B\SVCHOST.EXE

    C:\WINDOWS\TEMP\437828D0-F691-4E6F-AD39-44592DB2B8D0\SVCHOST.EXE

    C:\WINDOWS\TEMP\449841BD-C177-4920-BFE6-BDB8F1E8DDFE\SVCHOST.EXE

    C:\WINDOWS\TEMP\48BB8B94-BA4F-4564-9F45-00F8AB4C7FA2\SVCHOST.EXE

    C:\WINDOWS\TEMP\490A2F96-7E91-45D6-9BDF-9AF8AD5769A8\SVCHOST.EXE

    C:\WINDOWS\TEMP\4D572DB3-1914-4008-93B1-DB22C39951EE\SVCHOST.EXE

    C:\WINDOWS\TEMP\4DDE1E26-7E14-4679-AB05-922998CF749D\SVCHOST.EXE

    C:\WINDOWS\TEMP\538720D8-3824-49E3-86A8-C91EBE81D174\SVCHOST.EXE

    C:\WINDOWS\TEMP\55CD5BF2-AF3B-4F99-83E7-51155D813AA6\SVCHOST.EXE

    C:\WINDOWS\TEMP\56FD5C5D-CB42-47AB-9CC5-FFDFAF62E44B\SVCHOST.EXE

    C:\WINDOWS\TEMP\59BF778C-48DF-45CF-A564-1EAB7DA7732F\SVCHOST.EXE

    C:\WINDOWS\TEMP\67D20474-C574-4B13-80CB-59F5C2888091\SVCHOST.EXE

    C:\WINDOWS\TEMP\68E943E0-6418-452C-B0A8-98874E9C2F4A\SVCHOST.EXE

    C:\WINDOWS\TEMP\73E1F633-95C3-49AA-9039-34D43004DC11\SVCHOST.EXE

    C:\WINDOWS\TEMP\6C4094E8-D525-4056-BBB7-556900E1EDFF\SVCHOST.EXE

    C:\WINDOWS\TEMP\707232C2-9129-46DD-BB13-39B05770812A\SVCHOST.EXE

    C:\WINDOWS\TEMP\70DFD802-4935-4A12-A213-F1C85629C9C5\SVCHOST.EXE

    C:\WINDOWS\TEMP\71C4FDA6-DF21-4842-ABA3-B6531CAA29BB\SVCHOST.EXE

    C:\WINDOWS\TEMP\7520791B-E164-4D0B-8B34-B6C28FE0A045\SVCHOST.EXE

    C:\WINDOWS\TEMP\7C2A6475-0A20-482A-BB10-A78533C011BA\SVCHOST.EXE

    C:\WINDOWS\TEMP\7D612956-3FAA-42A9-BB2C-5373474065DB\SVCHOST.EXE

    C:\WINDOWS\TEMP\7F8772B4-4C04-4791-BDFD-412CEC21EC05\SVCHOST.EXE

    C:\WINDOWS\TEMP\7FF14258-2E6F-4EC8-B411-AA8D3AD3EB52\SVCHOST.EXE

    C:\WINDOWS\TEMP\8529DCB1-20F8-4E7E-AAA5-4505662B6510\SVCHOST.EXE

    C:\WINDOWS\TEMP\8F3E3591-7787-4EAD-9D81-29794D201DF9\SVCHOST.EXE

    C:\WINDOWS\TEMP\937EF3E5-CD02-4C58-8663-2E6BA1D15D99\SVCHOST.EXE

    C:\WINDOWS\TEMP\98D816C0-8CFF-41EF-B8A3-3A63712E0201\SVCHOST.EXE

    C:\WINDOWS\TEMP\A0E49E84-3720-4314-8A2F-FF82667809E3\SVCHOST.EXE

    C:\WINDOWS\TEMP\A17A0EE0-0ED3-47F8-A16E-17A09838C213\SVCHOST.EXE

    C:\WINDOWS\TEMP\A6FFC343-0090-4634-A68E-270619BA9488\SVCHOST.EXE

    C:\WINDOWS\TEMP\B07BAA9C-3A77-437E-999E-EF3D1E3912F3\SVCHOST.EXE

    C:\WINDOWS\TEMP\B75CF3C5-7D8B-4C65-8C9A-6A9C2717A15E\SVCHOST.EXE

    C:\WINDOWS\TEMP\B95B76A8-0463-48BF-8871-65EBAD8ECD9A\SVCHOST.EXE

    C:\WINDOWS\TEMP\C5B4820B-0514-4025-858F-95106E08347A\SVCHOST.EXE

    C:\WINDOWS\TEMP\BE39715F-CB59-4E22-A7E9-7418AA9EEAA5\SVCHOST.EXE

    C:\WINDOWS\TEMP\C0A49048-328B-4F46-92EF-08F85FCA52C9\SVCHOST.EXE

    C:\WINDOWS\TEMP\C1516657-C32F-47E4-B92B-BF85CC9026FF\SVCHOST.EXE

    C:\WINDOWS\TEMP\C98A1DA0-1D70-47AA-BA5C-5DE9D2F615B9\SVCHOST.EXE

    C:\WINDOWS\TEMP\D327E543-42E5-4A0E-B224-D25EF3D3D663\SVCHOST.EXE

    C:\WINDOWS\TEMP\DC1B23BF-1382-46C8-B448-085537F7894F\SVCHOST.EXE

    C:\WINDOWS\TEMP\DCFACB1A-67DF-4A5F-AEA0-471FC86463B2\SVCHOST.EXE

    C:\WINDOWS\TEMP\E1C814D9-E6D2-42A7-AA60-BE7114BC6C66\SVCHOST.EXE

    C:\WINDOWS\TEMP\E425068A-9775-4A69-9669-2456767021E9\SVCHOST.EXE

    C:\WINDOWS\TEMP\FB2DAEFF-8E65-4577-9159-EB1CDF88A717\SVCHOST.EXE

    C:\WINDOWS\TEMP\FD3A7DB4-3F14-44A7-AF94-148980D8CE06\SVCHOST.EXE

    C:\WINDOWS\TEMP\FF2C5417-AA3C-41A3-B634-26D27652C26F\SVCHOST.EXE

    C:\WINDOWS\TEMP\FF84EBEE-52C7-40EB-89CE-AEE5BB41AFF5\SVCHOST.EXE

Trojan.Downloader-SMSS/Fake

    C:\WINDOWS\TEMP\26F992A4-B1BF-48E5-B2C5-84BFDA78394A\SMSS.EXE

    C:\WINDOWS\TEMP\541209FC-0FF3-4734-8A28-CBE76BC974B2\SMSS.EXE

    C:\WINDOWS\TEMP\8BDE5860-99B8-4B88-B4CF-E8F6824C69F0\SMSS.EXE

    C:\WINDOWS\TEMP\B6D4BA5E-7D6E-49AB-87D6-A799C854C87A\SMSS.EXE

Trojan.SpoolSV-Fake

    C:\WINDOWS\TEMP\3EC46DB2-D49B-49E9-AD8F-9B4B4229790F\SPOOLSV.EXE

    C:\WINDOWS\TEMP\5D4EDE67-0922-479E-A6B9-EA608B53A22E\SPOOLSV.EXE

    C:\WINDOWS\TEMP\D90B948C-59C8-4482-884B-B95FF6336BDC\SPOOLSV.EXE

    C:\WINDOWS\TEMP\FD0FFE72-0422-4FC6-B406-2E4EBF8C618D\SPOOLSV.EXE

Trojan.Agent/Gen-FakeAlert

    C:\WINDOWS\TEMP\94871DDB-E9BB-4D24-8721-CE84F9EE5E99\WINLOGON.EXE

    C:\WINDOWS\TEMP\977CA986-D2C7-4806-A402-D9AEAC347540\WINLOGON.EXE

    C:\WINDOWS\TEMP\CD485B37-8932-4FE9-BE48-AEDB19810116\JUSCHED.EXE

    C:\WINDOWS\TEMP\D1D97D26-3CF8-42FE-B7F0-122E5D010C02\WINLOGON.EXE

    C:\WINDOWS\TEMP\F144BAA4-BE91-4352-B4F7-E4E4BF9CEA85\WINLOGON.EXE

Link to post
Share on other sites

I do not see active infection present in the reports. These files are just detection inside temporary folders and we will clean this in the next step.
 
 
FRST.gif Fix with Farbar Recovery Scan Tool
 

icon_exclaim.gif This fix was created for this user for use on that particular machine. icon_exclaim.gif
icon_exclaim.gif Running it on another one may cause damage and render the system unstable. icon_exclaim.gif

 
Download attached fixlist.txt file and save it to the Desktop:
 
Both files, FRST and fixlist.txt have to be in the same location or the fix will not work!

  • Right-click on FRST.gif icon and select RunAsAdmin.jpg Run as Administrator to start the tool.
    (XP users click run after receipt of Windows Security Warning - Open File).
  • Press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally. After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop, called Fixlog.txt.

Please attach it to your reply.

fixlist.txt

Link to post
Share on other sites

  • Root Admin

Hello fdisd

 

I cannot speak for what SAS finds or found as I've not used it myself now for a few years since they sold the company off. I will take over for Twin and check your current system to see if anything is there or not.

 

 

Please go ahead and run through the following steps and post back the logs when ready.
 
STEP 04
Please download Junkware Removal Tool to your desktop.

  • Shutdown your antivirus to avoid any conflicts.
  • Right click over JRT.exe and select Run as administrator on Windows Vista or Windows 7, double-click on XP.
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next reply message
  • When completed make sure to re-enable your antivirus

STEP 05
Lets clean out any adware now: (this will require a reboot so save all your work)

Please download AdwCleaner by Xplode and save to your Desktop.


  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select Run As Administrator
  • Click on the Scan button.
  • AdwCleaner will begin...be patient as the scan may take some time to complete.
  • When it's done you'll see: Pending: Please uncheck elements you don't want removed.
  • Now click on the Report button...a logfile (AdwCleaner[R0].txt) will open in Notepad for review.
  • Look over the log especially under Files/Folders for any program you want to save.
  • If there's a program you may want to save, just uncheck it from AdwCleaner.
  • If you're not sure, post the log for review. (all items found are adware/spyware/foistware)
  • If you're ready to clean it all up.....click the Clean button.
  • After rebooting, a logfile report (AdwCleaner[s0].txt) will open automatically.
  • Copy and paste the contents of that logfile in your next reply.
  • A copy of that logfile will also be saved in the C:\AdwCleaner folder.
  • Items that are deleted are moved to the Quarantine Folder: C:\AdwCleaner\Quarantine
  • To restore an item that has been deleted:
  • Go to Tools > Quarantine Manager > check what you want restored > now click on Restore.

STEP 06
Please open Malwarebytes Anti-Malware and from the Dashboard please Check for Updates by clicking the Update Now... link
Open up Malwarebytes > Settings > Detection and Protection > Enable Scan for rootkits, Under Non Malware Protection set both PUP and PUM to Treat detections as malware.
Click on the SCAN button and run a Threat Scan with Malwarebytes Anti-Malware by clicking the Scan Now>> button. Remove any threats found
Once completed please click on the History > Application Logs and find your scan log and open it and then click on the "copy to clipboard" button and post back the results on your next reply.


STEP 07
button_eos.gif

Please go here to run the online antivirus scannner from ESET.


  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the activex control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click the 'List of found threats' , then click Export to text file....
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.

STEP 08
Please download the Farbar Recovery Scan Tool and save it to your desktop.

Note: You need to run the version compatibale with your system. You can check here if you're not sure if your computer is 32-bit or 64-bit


  • Double-click to run it. When the tool opens click Yes to disclaimer.
  • Press the Scan button.
  • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
  • The first time the tool is run, it also makes another log (Addition.txt). Please attach it to your reply as well. Make sure you place a check mark in the Additon.txt check box to get that log.

 

 

Thanks

 

 

 

Link to post
Share on other sites

  • Root Admin

Please go into Control Panel, Add/Remove and uninstall ALL versions of Java and then run the following.
 
Please download JavaRa-1.16 and save it to your computer.

  • Double click to open the zip file and then select all and choose Copy.
  • Create a new folder on your Desktop named RemoveJava and paste the files into this new folder.
  • Quit all browsers and other running applications.
  • Right-click on JavaRa.exe in RemoveJava folder and choose Run as administrator to start the program.
  • From the drop-down menu, choose English and click on Select.
  • JavaRa will open; click on Remove Older Versions to remove the older versions of Java installed on your computer.
  • Click Yes when prompted. When JavaRa is done, a notice will appear that a logfile has been produced. Click OK.
  • A logfile will pop up. Please save it to a convenient location and post it in your next reply.

Next:
 
Please Run TFC by OldTimer to clear temporary files:


  • Download TFC from here and save it to your desktop.
  • http://oldtimer.geekstogo.com/TFC.exe
  • Close any open programs and Internet browsers.
  • Double click TFC.exe to run it on XP (for Vista and Windows 7 right click and choose "Run as administrator") and once it opens click on the Start button on the lower left of the program to allow it to begin cleaning.
  • Please be patient as clearing out temp files may take a while.
  • Once it completes you may be prompted to restart your computer, please do so.
  • Once it's finished you may delete TFC.exe from your desktop or save it for later use for the cleaning of temporary files.

 

Next,

 

Please download Security Check by screen317 from HERE or HERE.

  • Save it to your Desktop.
  • Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
  • If you get Unsupported operating system. Aborting now, just reboot and try again.
  • A Notepad document should open automatically called checkup.txt.
  • Please Post the contents of that document.
  • Do Not Attach It!!!

 

 

 

 

 

 

 

Next,

 

Please download the attached fixlist.txt file and save it to the Desktop.
NOTE. It's important that both files, FRST or FRST64 and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on this particular machine. Running this on another machine may cause damage to your operating system.

Run FRST or FRST64 and press the Fix button just once and wait.
If the tool needs a restart please make sure you let the system restart normally and let the tool complete its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach or post it to your next reply.

Note: If the tool warned you about an outdated version please download and run the updated version.
 

 

fixlist.txt

Link to post
Share on other sites

  • Root Admin

Java is one of the #1 reasons that help allow your computer to get infected as it's code is often compromised and Java runs with system rights. I fully remove java and clean up the computer to ensure there is no old compromised code on the system. Adobe Flash is also often compromised but it has an easier repair just by updating it and Java does not.

 

Once we're done cleaning your system if you want to reinstall Java you can (I would highly suggest not running Java if at all possible though).

Link to post
Share on other sites

I didn't see the step about removing java in add/remove programs so I did that after removing old versions. Not sure if it's related but it still sort of shows up in the control panel.

GA2rrFu.png

 

I also noticed there are still Java files/folders located in appdata/locallow/sun and appdata/locallow/oracle.

 

Was clearing my Firefox history,cookies,and cache (from fixlist) a mistake?

 

 

 Results of screen317's Security Check version 0.99.95  
 Windows 7 Service Pack 1 x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:``````````````
 Windows Firewall Enabled!  
avast! Antivirus   
 Antivirus up to date!   
`````````Anti-malware/Other Utilities Check:`````````
  Java 64-bit 8 Update 31  
 Adobe Flash Player 16.0.0.296  
 Adobe Reader XI  
 Mozilla Firefox (35.0.1)
 Google Chrome (40.0.2214.91)
 Google Chrome (40.0.2214.93)
````````Process Check: objlist.exe by Laurent````````  
 Malwarebytes Anti-Malware mbamservice.exe  
 Malwarebytes Anti-Malware mbam.exe  
 Malwarebytes Anti-Malware mbamscheduler.exe   
 AVAST Software Avast AvastSvc.exe  
 AVAST Software Avast afwServ.exe  
 AVAST Software Avast avastui.exe  
`````````````````System Health check`````````````````
 Total Fragmentation on Drive C: 0%
````````````````````End of Log``````````````````````
 

 

Other logs attached.

logs3.zip

Link to post
Share on other sites

  • Root Admin

Removal of Java via the control panel would have made it easier but let's try this other version remover and see if it can clean it up some.

 

Next please run JavaRa.

  • Please download JavaRa 2.6 and unzip it to your desktop.
  • Double-click on JavaRa.exe to start the program.
  • Choose Remove JRE and since you already uninstalled JAVA skip step 1 and click on the next button.
  • Now click on Perform Removal Routine to remove the older versions of Java installed on your computer.
  • When that's successfully done, please click OK to close the message.
  • Click on Next and skip the downloading process. Click Next and now click on Close this wizard and click Finish.
  • From the main menu please choose Additional tasks
  • Place a checkmark beside Remove startup entry, Remove Outdated JRE Firefox Extentions and Clean JRE Temp Files and click Run. The browsers should be closed before running this task.
  • When that's succesfully done you will see a message at the top saying: "Selected tasks completed successfully".
  • A log file should be created in the same directory as JavaRa.
  • Please attach the log to your next reply.
  • Close JavaRa by clicking the red cross button.


 

 

Yes, the clean up of the temp, cookies, etc was done by TFC for the most part. I manually removed some Java startup entries but not files for it as well.

 

After you try the other JavaRA clean up please reboot and let me know how ti's running now.

 

Thanks

Link to post
Share on other sites

Guest
This topic is now closed to further replies.
  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.