- Mar 8, 2013
- 22,627
I don't know how were you able to provide FRST reports. Please download fresh copy of FRST from the link above and try again. If it fails, please procede with ComboFix...
PC health kit
- Thread starter sahh
- Start date
- Mar 8, 2013
- 22,627
- Mar 8, 2013
- 22,627
- Mar 8, 2013
- 22,627
Very good 
Open notepad and copy/paste the text present inside the code box below:
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Save this as CFScript.txt
Close all browser windows and refering to the picture above.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:\ComboFix.txt )
Please download zoek.zip or zoek.rar by smeenk (
) from here or here and save it to your Desktop.
Unpack the archive...
Tell me how is the situation now?
==========================================================================================================
Things I need you to do:
- ComboFix report
- Zoek report
- How is the situation now?
=======================================================================================================================
Open notepad and copy/paste the text present inside the code box below:
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Code:
Folder::
c:\program files (x86)\Mega Browse
c:\program files (x86)\Linkey
c:\program files (x86)\MyPC Backup
c:\programdata\~0
c:\program files (x86)\Settings Manager
c:\programdata\systemk
c:\users\hogan\AppData\Roaming\Activeris
c:\programdata\Activeris
c:\program files (x86)\Activeris AntiMalware
c:\progra~2\Linkey
File::
c:\windows\system32\acrisnative64.exe
Registry::
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4e6cd411-ce62-4584-97ff-6afbcf6900af}]
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"AppInit_DLLs"=-
Driver::
hlnfd
Updater Service
Update Mega Browse
Util Mega Browse
ClearJavaCache::Save this as CFScript.txt
Close all browser windows and refering to the picture above.
Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.
ComboFix will will re-run. When finished, it will produce a log for you.
Attach the contents of the log in your next reply. (typical location: C:\ComboFix.txt )
***** NEXT *****
Please download zoek.zip or zoek.rar by smeenk (
Unpack the archive...
- Close any open browsers
- Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.
- Double click on zoek.exe to run the tool .
Please wait while the tool does not start...
- Copy the text present inside the code box below and paste it into the large window in the zoek tool:
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Code:autoclean; emptyclsid; emptyalltemp; ipconfig /flushdns;b - Click on
button.
Please wait until a logreport will open (this can be after reboot)
- Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named "zoek-results.log"
***** NEXT *****
Tell me how is the situation now?
==========================================================================================================
Things I need you to do:
- ComboFix report
- Zoek report
- How is the situation now?
=======================================================================================================================
- Mar 8, 2013
- 22,627
> Re-run zoek with the script below and attach here fresh zoek log results.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Code:
Linkey for Firefox;ff
Snap.Do;ff
Settings Manager;ff
Mega Browse;ff
Addons Engine;ff
SySaver;ff
autoclean;
emptyalltemp;
emptyclsid;
ipconfig /flushdns;bMozilla looks good. Chrome does not. I tried to capture the picture of the baseball player but had trouble for some reason. I no longer have Activerius antimalware on my computer. How else can I check to see how we are doing?
- Mar 8, 2013
- 22,627
I did that, but still didn't work so I defaulted to original settings and it looks good. Where does this leave us, kind sir?
- Mar 8, 2013
- 22,627
It seems just fine. Unbelievable that you helped me and I could follow thru, barely at times. Do we not need to run something to make sure all those malware threads are gone? Or do you already know that?
I have taken 'Total Defense " off my machine because it was interfering and it seems like a joke now. Any recommendations? I think I have the Windows Firewall on, but I have never really used it. Do you think I am vulnerable now?
I have taken 'Total Defense " off my machine because it was interfering and it seems like a joke now. Any recommendations? I think I have the Windows Firewall on, but I have never really used it. Do you think I am vulnerable now?
I see there is a six free license for Bitdefener on your website. I got a license number and says I can download it. BUT I am very nervous about downloading anything.
- Mar 8, 2013
- 22,627
We will clean all used tools in the last step. About Total Antivirus, I've never heard about it, but it seems like a decent one. Never use more than one antivirus. You can uninstall Spybot, because it is useless. Much better product is MalwareBytes, that you can use for occasional scan.
I can recommend you this software to avoid Adware in the future:
http://unchecky.com/
Read here how it works --> http://www.howtogeek.com/179758/how-to-avoid-junkware-offers-with-unchecky/
• The following will implement some post-cleanup procedures:
=> Please download DelFix by Xplode to your Desktop.
Run the tool and check the following boxes below;
Remove disinfection tools
Create registry backup
Purge System Restore
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
I can recommend you this software to avoid Adware in the future:
http://unchecky.com/
Read here how it works --> http://www.howtogeek.com/179758/how-to-avoid-junkware-offers-with-unchecky/
• The following will implement some post-cleanup procedures:
=> Please download DelFix by Xplode to your Desktop.
Run the tool and check the following boxes below;
Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.
Similar threads
