Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
another victim of dllhost
Message
<blockquote data-quote="TwinHeadedEagle" data-source="post: 255831" data-attributes="member: 6533"><p>Very good. Don't worry, we're going to fix everything <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p></p><p></p><p></p><p></p><p><img src="https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/warning.gif" alt="" class="fr-fic fr-dii fr-draggable " style="" /><strong> <span style="color: #FF0000"><u>Multiple Resident Protection warning!</u></span></strong></p><p></p><p><strong>Always have one (and no more than one!) AntiVirus program!</strong> In this case having more of them will not provide you with better protection - instead they may cause slowness, lock-ups and even mark another ones as harmful, leading to leave your system unstable and even damaged. <strong>Please choose only one from the listed below</strong> to stay with and uninstall the others:</p><ul> <li data-xf-list-type="ul">Microsoft Security Essentials</li> <li data-xf-list-type="ul">Norton 360</li> </ul><p></p><p>Uninstallation procedure:</p><ul> <li data-xf-list-type="ul">Press the <img src="https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/WindowsKey.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /> + <strong>R</strong> on your keyboard at the same time. Type <strong>appwiz.cpl</strong> and click <strong>OK</strong>.</li> <li data-xf-list-type="ul">Search for each uninstalled entry, right-click it and select <strong>Uninstall</strong>.</li> </ul><p>This should be done until any other steps will be taken.</p><p></p><p></p><p></p><p></p><p><img src="https://sites.google.com/site/cannedfixes/home/hosted-images-tools/remove%20outdated.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /><strong> <u><span style="color: #000000">Uninstall some programs</span></u></strong></p><p></p><p>We need to uninstall some programs.</p><ul> <li data-xf-list-type="ul">Press the <img src="https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/WindowsKey.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /> + <strong>R</strong> on your keyboard at the same time. Type <strong>appwiz.cpl</strong> and click <strong>OK</strong>.</li> <li data-xf-list-type="ul">Search there for each entry mentioned below, right-click the entry and click <strong>Uninstall</strong> one at a time</li> </ul><p><strong>The list of programs to uninstall:</strong></p><ul> <li data-xf-list-type="ul"><strong>Best Buy pc app</strong></li> <li data-xf-list-type="ul"><strong>Tuneup Pro</strong></li> </ul><p>After completing uninstalls, <strong>please manually reboot</strong> your machine!</p><p></p><p></p><p></p><p></p><p><img src="https://sites.google.com/site/cannedfixes/combofix/51a5bf3d99e8a-ComboFixlogo16.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /><strong> <u><span style="color: blue">Fix with ComboFix</span></u></strong></p><p></p><p>Let's prepare a Script for ComboFix to mark some things for being deleted.</p><p></p><ul> <li data-xf-list-type="ul">Press the <img src="https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/WindowsKey.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /> + <strong>R</strong> on your keyboard at the same time.</li> <li data-xf-list-type="ul">A <strong>Run</strong> window should appear in the lower left corner. Type in <strong>notepad.exe</strong> and press <strong>Enter</strong>.</li> <li data-xf-list-type="ul">In the shown window paste in the following script:<br /> [code]<br /> Folder::<br /> c:\users\Todd\AppData\Roaming\Systweak<br /> c:\program files (x86)\ResultsBay<br /> c:\users\Todd\AppData\Local\ArcadeParlor<br /> c:\program files (x86)\IObit<br /> c:\users\Todd\AppData\Roaming\IObit<br /> c:\programdata\IObit<br /> <br /> Registry::<br /> [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1b0cf41e-334a-4984-a8a0-aa5affeb5482}]<br /> [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{39AD0726-986D-40F9-972B-E3BFA24B7745}]<br /> <br /> Driver::<br /> {e34ff9ce-e6b6-450a-ace7-3acd1926facd}Gw64<br /> Update ResultsBay<br /> Util ResultsBay<br /> <br /> File::<br /> c:\windows\system32\drivers\{e34ff9ce-e6b6-450a-ace7-3acd1926facd}Gw64.sys<br /> <br /> ClearJavaCache::<br /> [/code]</li> <li data-xf-list-type="ul">Go to <strong>File</strong> menu and select <strong>Save as</strong>.</li> <li data-xf-list-type="ul">Make sure that the <strong>Save as type</strong> option is set to <span style="color: blue"><strong>Text files (*.txt)</strong></span> and the place to save will be your <strong>desktop</strong>.</li> <li data-xf-list-type="ul">Name the file <strong><span style="color: red">CFScript</span></strong> and select <strong>Save</strong>.</li> </ul><p>Your <strong>CFScript.txt</strong> file should appear on your desktop.</p><p></p><p><strong>Temporary disable your AntiVirus and AntiSpyware protection</strong> - instructions <a href="http://www.bleepingcomputer.com/forums/topic114351.html" target="_blank">here</a>.</p><p></p><ul> <li data-xf-list-type="ul">Now drag your <strong>CFScript</strong> file and drop it onto the <img src="https://sites.google.com/site/cannedfixes/combofix/51a5bf3d99e8a-ComboFixlogo16.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /> icon.</li> <li data-xf-list-type="ul">This will start ComboFix. <strong>Let it run uninterrupted!</strong></li> <li data-xf-list-type="ul">A reboot may be needed during this run. Allow it.</li> <li data-xf-list-type="ul">When finished, it shall produce a log for you at <strong>C:\ComboFix.txt</strong> and display it.</li> </ul><p>Please include that log in your next reply.</p><p></p><p><img src="http://forum.programosy.pl/images/smilies/icon_idea.gif" alt="" class="fr-fic fr-dii fr-draggable " style="" /> If you'll encounter any issues with internet connection after running ComboFix, please visit <a href="http://www.bleepingcomputer.com/combofix/how-to-use-combofix#restore" target="_blank">this</a> link.</p><p><img src="http://forum.programosy.pl/images/smilies/icon_idea.gif" alt="" class="fr-fic fr-dii fr-draggable " style="" /> If an error about operation on the key marked for deletion will appear after running the tool, please reboot your machine.</p><p><img src="http://forum.programosy.pl/images/smilies/icon_idea.gif" alt="" class="fr-fic fr-dii fr-draggable " style="" /> Do not forget to turn on your previously switched-off protection software!</p><p></p><p></p><p></p><p></p><p><img src="https://sites.google.com/site/cannedfixes/adwcleaner/adwcleaner_new.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /> <strong> <u><span style="color: blue">Fix with AdwCleaner</span></u></strong></p><p></p><p>Please download <a href="http://www.bleepingcomputer.com/download/adwcleaner/" target="_blank"><strong>AdwCleaner</strong></a> by Xplode and save the file to your desktop.</p><p></p><ul> <li data-xf-list-type="ul">Right-click on <img src="https://sites.google.com/site/cannedfixes/adwcleaner/adwcleaner_new.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /> icon and select <img src="https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg" alt="" class="fr-fic fr-dii fr-draggable " style="" /> <strong> Run as Administrator</strong> to start the tool.</li> <li data-xf-list-type="ul">Follow the prompts and click <strong>Scan</strong>.</li> <li data-xf-list-type="ul">When finished, please click <strong>Clean</strong>.</li> <li data-xf-list-type="ul">Upon completion, click Report. A log (<strong>AdwCleaner[S*].txt)</strong> will open.</li> </ul><p></p><p>Please include the contents of that file in your reply.</p><p></p><p></p><p></p><p></p><p><img src="https://sites.google.com/site/cannedfixes/malwarebytes-anti-malware/51a46ae42d560-malwarebytes_anti_malware.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /> <strong> <u><span style="color: blue">Scan with Malwarebytes' Anti-Malware</span></u></strong></p><p></p><p>Please download <a href="http://www.malwarebytes.org/products/" target="_blank"><span style="color: #ff0000"><strong>Malwarebytes Anti-Malware</strong></span></a> and save it to your desktop.</p><ul> <li data-xf-list-type="ul">Install the progam and select <strong>update</strong>.</li> <li data-xf-list-type="ul">Once updated, click the <strong>Settings</strong> tab, in the left panel choose <strong>Detctions & protection</strong> and tick <strong>Scan for rootkits</strong>.</li> <li data-xf-list-type="ul">Click the <strong>Scan</strong> tab, choose <strong>Threat Scan</strong> is checked and click <strong>Scan Now</strong>.</li> <li data-xf-list-type="ul">If threats are detected, click the <strong>Apply Actions</strong> button. You will now be prompted to reboot. Click <strong>Yes</strong>.</li> <li data-xf-list-type="ul">Upon completion of the scan (or after the reboot), click the <strong>History</strong> tab.</li> <li data-xf-list-type="ul">Click <strong>Application Logs</strong> and double-click the <strong>Scan Log</strong>.</li> <li data-xf-list-type="ul">At the bottom click <strong>Export</strong> and choose <strong>Text file</strong>.</li> </ul><p>Save the file to your desktop and include its content in your next reply.</p></blockquote><p></p>
[QUOTE="TwinHeadedEagle, post: 255831, member: 6533"] Very good. Don't worry, we're going to fix everything :) [IMG]https://sites.google.com/site/cannedfixes/home/hosted-images-formatting/warning.gif[/IMG][B] [COLOR=#FF0000][U]Multiple Resident Protection warning![/U][/COLOR][/B] [B]Always have one (and no more than one!) AntiVirus program![/B] In this case having more of them will not provide you with better protection - instead they may cause slowness, lock-ups and even mark another ones as harmful, leading to leave your system unstable and even damaged. [B]Please choose only one from the listed below[/B] to stay with and uninstall the others: [LIST] [*]Microsoft Security Essentials [*]Norton 360 [/LIST] Uninstallation procedure: [LIST] [*]Press the [IMG]https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/WindowsKey.png[/IMG] + [B]R[/B] on your keyboard at the same time. Type [B]appwiz.cpl[/B] and click [B]OK[/B]. [*]Search for each uninstalled entry, right-click it and select [B]Uninstall[/B]. [/LIST] This should be done until any other steps will be taken. [IMG]https://sites.google.com/site/cannedfixes/home/hosted-images-tools/remove%20outdated.jpg[/IMG][B] [U][COLOR=#000000]Uninstall some programs[/COLOR][/U][/B] We need to uninstall some programs. [LIST] [*]Press the [IMG]https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/WindowsKey.png[/IMG] + [B]R[/B] on your keyboard at the same time. Type [B]appwiz.cpl[/B] and click [B]OK[/B]. [*]Search there for each entry mentioned below, right-click the entry and click [B]Uninstall[/B] one at a time [/LIST] [B]The list of programs to uninstall:[/B] [LIST] [*][B]Best Buy pc app[/B] [*][B]Tuneup Pro[/B] [/LIST] After completing uninstalls, [B]please manually reboot[/B] your machine! [IMG]https://sites.google.com/site/cannedfixes/combofix/51a5bf3d99e8a-ComboFixlogo16.png[/IMG][B] [U][COLOR=blue]Fix with ComboFix[/COLOR][/U][/B] Let's prepare a Script for ComboFix to mark some things for being deleted. [LIST] [*]Press the [IMG]https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/WindowsKey.png[/IMG] + [B]R[/B] on your keyboard at the same time. [*]A [B]Run[/B] window should appear in the lower left corner. Type in [B]notepad.exe[/B] and press [B]Enter[/B]. [*]In the shown window paste in the following script: [code] Folder:: c:\users\Todd\AppData\Roaming\Systweak c:\program files (x86)\ResultsBay c:\users\Todd\AppData\Local\ArcadeParlor c:\program files (x86)\IObit c:\users\Todd\AppData\Roaming\IObit c:\programdata\IObit Registry:: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{1b0cf41e-334a-4984-a8a0-aa5affeb5482}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{39AD0726-986D-40F9-972B-E3BFA24B7745}] Driver:: {e34ff9ce-e6b6-450a-ace7-3acd1926facd}Gw64 Update ResultsBay Util ResultsBay File:: c:\windows\system32\drivers\{e34ff9ce-e6b6-450a-ace7-3acd1926facd}Gw64.sys ClearJavaCache:: [/code] [*]Go to [B]File[/B] menu and select [B]Save as[/B]. [*]Make sure that the [B]Save as type[/B] option is set to [COLOR=blue][B]Text files (*.txt)[/B][/COLOR] and the place to save will be your [B]desktop[/B]. [*]Name the file [B][COLOR=red]CFScript[/COLOR][/B] and select [B]Save[/B]. [/LIST] Your [B]CFScript.txt[/B] file should appear on your desktop. [B]Temporary disable your AntiVirus and AntiSpyware protection[/B] - instructions [URL='http://www.bleepingcomputer.com/forums/topic114351.html']here[/URL]. [LIST] [*]Now drag your [B]CFScript[/B] file and drop it onto the [IMG]https://sites.google.com/site/cannedfixes/combofix/51a5bf3d99e8a-ComboFixlogo16.png[/IMG] icon. [*]This will start ComboFix. [B]Let it run uninterrupted![/B] [*]A reboot may be needed during this run. Allow it. [*]When finished, it shall produce a log for you at [B]C:\ComboFix.txt[/B] and display it. [/LIST] Please include that log in your next reply. [IMG]http://forum.programosy.pl/images/smilies/icon_idea.gif[/IMG] If you'll encounter any issues with internet connection after running ComboFix, please visit [URL='http://www.bleepingcomputer.com/combofix/how-to-use-combofix#restore']this[/URL] link. [IMG]http://forum.programosy.pl/images/smilies/icon_idea.gif[/IMG] If an error about operation on the key marked for deletion will appear after running the tool, please reboot your machine. [IMG]http://forum.programosy.pl/images/smilies/icon_idea.gif[/IMG] Do not forget to turn on your previously switched-off protection software! [IMG]https://sites.google.com/site/cannedfixes/adwcleaner/adwcleaner_new.png[/IMG] [B] [U][COLOR=blue]Fix with AdwCleaner[/COLOR][/U][/B] Please download [URL='http://www.bleepingcomputer.com/download/adwcleaner/'][B]AdwCleaner[/B][/URL] by Xplode and save the file to your desktop. [LIST] [*]Right-click on [IMG]https://sites.google.com/site/cannedfixes/adwcleaner/adwcleaner_new.png[/IMG] icon and select [IMG]https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg[/IMG] [B] Run as Administrator[/B] to start the tool. [*]Follow the prompts and click [B]Scan[/B]. [*]When finished, please click [B]Clean[/B]. [*]Upon completion, click Report. A log ([B]AdwCleaner[S*].txt)[/B] will open. [/LIST] Please include the contents of that file in your reply. [IMG]https://sites.google.com/site/cannedfixes/malwarebytes-anti-malware/51a46ae42d560-malwarebytes_anti_malware.png[/IMG] [B] [U][COLOR=blue]Scan with Malwarebytes' Anti-Malware[/COLOR][/U][/B] Please download [URL='http://www.malwarebytes.org/products/'][COLOR=#ff0000][B]Malwarebytes Anti-Malware[/B][/COLOR][/URL] and save it to your desktop. [LIST] [*]Install the progam and select [B]update[/B]. [*]Once updated, click the [B]Settings[/B] tab, in the left panel choose [B]Detctions & protection[/B] and tick [B]Scan for rootkits[/B]. [*]Click the [B]Scan[/B] tab, choose [B]Threat Scan[/B] is checked and click [B]Scan Now[/B]. [*]If threats are detected, click the [B]Apply Actions[/B] button. You will now be prompted to reboot. Click [B]Yes[/B]. [*]Upon completion of the scan (or after the reboot), click the [B]History[/B] tab. [*]Click [B]Application Logs[/B] and double-click the [B]Scan Log[/B]. [*]At the bottom click [B]Export[/B] and choose [B]Text file[/B]. [/LIST] Save the file to your desktop and include its content in your next reply. [/QUOTE]
Insert quotes…
Verification
Post reply
Top