Forums
New posts
Search forums
News
Security News
Technology News
Giveaways
Giveaways, Promotions and Contests
Discounts & Deals
Reviews
Users Reviews
Video Reviews
Support
Windows Malware Removal Help & Support
Mac Malware Removal Help & Support
Mobile Malware Removal Help & Support
Blog
Log in
Register
What's new
Search
Search titles only
By:
Search titles only
By:
Reply to thread
Menu
Install the app
Install
JavaScript is disabled. For a better experience, please enable JavaScript in your browser before proceeding.
You are using an out of date browser. It may not display this or other websites correctly.
You should upgrade or use an
alternative browser
.
Forums
Support
Windows Malware Removal Help & Support
PC health kit
Message
<blockquote data-quote="TwinHeadedEagle" data-source="post: 180942" data-attributes="member: 6533"><p>Very good <img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile :)" loading="lazy" data-shortname=":)" /></p><p></p><p></p><p>Open notepad and copy/paste the text present inside the code box below:</p><p><span style="font-size: 12px"><span style="color: red"><strong>NOTICE:</strong> This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system</span></span></p><p></p><p><span style="color: #b35900">[code]</span></p><p><span style="color: #b35900">Folder::</span></p><p><span style="color: #b35900">c:\program files (x86)\Mega Browse</span></p><p><span style="color: #b35900">c:\program files (x86)\Linkey</span></p><p><span style="color: #b35900">c:\program files (x86)\MyPC Backup</span></p><p><span style="color: #b35900">c:\programdata\~0</span></p><p><span style="color: #b35900">c:\program files (x86)\Settings Manager</span></p><p><span style="color: #b35900">c:\programdata\systemk</span></p><p><span style="color: #b35900">c:\users\hogan\AppData\Roaming\Activeris</span></p><p><span style="color: #b35900">c:\programdata\Activeris</span></p><p><span style="color: #b35900">c:\program files (x86)\Activeris AntiMalware</span></p><p><span style="color: #b35900">c:\progra~2\Linkey</span></p><p><span style="color: #b35900"></span></p><p><span style="color: #b35900">File::</span></p><p><span style="color: #b35900">c:\windows\system32\acrisnative64.exe</span></p><p><span style="color: #b35900"></span></p><p><span style="color: #b35900">Registry::</span></p><p><span style="color: #b35900">[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}]</span></p><p><span style="color: #b35900">[-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4e6cd411-ce62-4584-97ff-6afbcf6900af}]</span></p><p><span style="color: #b35900">[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]</span></p><p><span style="color: #b35900">"AppInit_DLLs"=-</span></p><p><span style="color: #b35900"></span></p><p><span style="color: #b35900">Driver::</span></p><p><span style="color: #b35900">hlnfd</span></p><p><span style="color: #b35900">Updater Service</span></p><p><span style="color: #b35900">Update Mega Browse</span></p><p><span style="color: #b35900">Util Mega Browse</span></p><p><span style="color: #b35900"></span></p><p><span style="color: #b35900">ClearJavaCache::</span></p><p><span style="color: #b35900">[/code]</span></p><p></p><p>Save this as <strong>CFScript.txt </strong></p><p></p><p><img src="http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif" alt="" class="fr-fic fr-dii fr-draggable " style="" /></p><p></p><p>Close all browser windows and refering to the picture above.</p><p></p><p>Referring to the screenshot above, drag CFScript.txt into ComboFix.exe.</p><p>ComboFix will will re-run. When finished, it will produce a log for you.</p><p>Attach the contents of the log in your next reply. (typical location: C:\<strong>ComboFix.txt</strong> )</p><p></p><p></p><p></p><p style="text-align: center"><strong><span style="color: #00b300">***** NEXT *****</span></strong></p><p></p><p></p><p></p><p>Please download <span style="color: blue"><strong>zoek.zip</strong></span> or <span style="color: blue"><strong>zoek.rar</strong></span> by <strong>smeenk</strong> (<img src="http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png" alt="" class="fr-fic fr-dii fr-draggable " style="" />) from <a href="http://hijackthis.nl/smeenk/" target="_blank"><strong><span style="color: green"><u>here</u></span></strong></a> or <a href="http://home.kpn.nl/stefsmeenk/zoek.exe" target="_blank"><strong><span style="color: green">here</span></strong></a> and save it to your <strong>Desktop</strong>.</p><p><em><span style="font-size: 12px">Unpack the archive...</span></em></p><ul> <li data-xf-list-type="ul">Close any open browsers</li> <li data-xf-list-type="ul">Temporarily disable your <strong>AntiVirus</strong> program. (<em>If necessary</em>)<br /> <span style="font-size: 12px"> If you are unsure how to do this please read <a href="http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html" target="_blank"><strong><em>this</em></strong></a> or <a href="http://www.bleepingcomputer.com/forums/topic114351.html" target="_blank"><em><strong>this</strong></em></a> Instruction.</span><br /> </li> <li data-xf-list-type="ul">Double click on <strong>zoek.exe</strong> to run the tool .<br /> <em>Please wait while the tool does not start...</em><br /> </li> <li data-xf-list-type="ul">Copy the text present inside the code box below and paste it into the large window in the zoek tool:<br /> <span style="font-size: 12px"><span style="color: red"><strong>NOTICE:</strong> This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system</span></span><br /> <br /> <span style="color: #b35900">[code]<br /> autoclean;<br /> emptyclsid;<br /> emptyalltemp;<br /> ipconfig /flushdns;b<br /> [/code]</span><br /> </li> <li data-xf-list-type="ul">Click on <img src="http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png" alt="" class="fr-fic fr-dii fr-draggable " style="" /> button.<br /> <em>Please wait until a logreport will open (this can be after reboot)</em><br /> </li> <li data-xf-list-type="ul">Save notepad to your Desktop and attach here <strong>zoek-results.log</strong><br /> <em><strong><span style="color: red">Note:</span></strong><span style="color: blue"> It will also create a log in the <strong>C:\ </strong>directory named "<strong>zoek-results.log</strong>"</span></em></li> </ul><p></p><p></p><p></p><p style="text-align: center"><strong><span style="color: #00b300">***** NEXT *****</span></strong></p><p></p><p></p><p></p><p>Tell me how is the situation now?</p><p></p><p></p><p><strong><span style="color: #00b3b3">==========================================================================================================</span></strong></p><p><strong>Things I need you to do:</strong></p><p>- <em><span style="color: #00b300">ComboFix report</span></em></p><p>- <em><span style="color: #00b300">Zoek report</span></em></p><p>- <em><span style="color: #00b300">How is the situation now?</span></em></p><p><span style="color: #00b3b3">=======================================================================================================================</span></p></blockquote><p></p>
[QUOTE="TwinHeadedEagle, post: 180942, member: 6533"] Very good :) Open notepad and copy/paste the text present inside the code box below: [SIZE=3][COLOR=red][B]NOTICE:[/B] This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system[/COLOR][/SIZE] [COLOR=#b35900][code] Folder:: c:\program files (x86)\Mega Browse c:\program files (x86)\Linkey c:\program files (x86)\MyPC Backup c:\programdata\~0 c:\program files (x86)\Settings Manager c:\programdata\systemk c:\users\hogan\AppData\Roaming\Activeris c:\programdata\Activeris c:\program files (x86)\Activeris AntiMalware c:\progra~2\Linkey File:: c:\windows\system32\acrisnative64.exe Registry:: [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4D9101D6-5BA0-4048-BDDE-7E2DF54C8C47}] [-HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{4e6cd411-ce62-4584-97ff-6afbcf6900af}] [HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows] "AppInit_DLLs"=- Driver:: hlnfd Updater Service Update Mega Browse Util Mega Browse ClearJavaCache:: [/code][/COLOR] Save this as [B]CFScript.txt [/B] [IMG]http://img.photobucket.com/albums/v666/sUBs/CFScriptB-4.gif[/IMG] Close all browser windows and refering to the picture above. Referring to the screenshot above, drag CFScript.txt into ComboFix.exe. ComboFix will will re-run. When finished, it will produce a log for you. Attach the contents of the log in your next reply. (typical location: C:\[B]ComboFix.txt[/B] ) [CENTER][B][COLOR=#00b300]***** NEXT *****[/COLOR][/B][/CENTER] Please download [COLOR=blue][B]zoek.zip[/B][/COLOR] or [COLOR=blue][B]zoek.rar[/B][/COLOR] by [B]smeenk[/B] ([IMG]http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png[/IMG]) from [URL='http://hijackthis.nl/smeenk/'][B][COLOR=green][U]here[/U][/COLOR][/B][/URL] or [URL='http://home.kpn.nl/stefsmeenk/zoek.exe'][B][COLOR=green]here[/COLOR][/B][/URL] and save it to your [B]Desktop[/B]. [I][SIZE=3]Unpack the archive...[/SIZE][/I] [LIST] [*]Close any open browsers [*]Temporarily disable your [B]AntiVirus[/B] program. ([I]If necessary[/I]) [SIZE=3] If you are unsure how to do this please read [URL='http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html'][B][I]this[/I][/B][/URL] or [URL='http://www.bleepingcomputer.com/forums/topic114351.html'][I][B]this[/B][/I][/URL] Instruction.[/SIZE] [*]Double click on [B]zoek.exe[/B] to run the tool . [I]Please wait while the tool does not start...[/I] [*]Copy the text present inside the code box below and paste it into the large window in the zoek tool: [SIZE=3][COLOR=red][B]NOTICE:[/B] This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system[/COLOR][/SIZE] [COLOR=#b35900][code] autoclean; emptyclsid; emptyalltemp; ipconfig /flushdns;b [/code][/COLOR] [*]Click on [IMG]http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png[/IMG] button. [I]Please wait until a logreport will open (this can be after reboot)[/I] [*]Save notepad to your Desktop and attach here [B]zoek-results.log[/B] [I][B][COLOR=red]Note:[/COLOR][/B][COLOR=blue] It will also create a log in the [B]C:\ [/B]directory named "[B]zoek-results.log[/B]"[/COLOR][/I] [/LIST] [CENTER][B][COLOR=#00b300]***** NEXT *****[/COLOR][/B][/CENTER] Tell me how is the situation now? [B][COLOR=#00b3b3]==========================================================================================================[/COLOR] Things I need you to do:[/B] - [I][COLOR=#00b300]ComboFix report[/COLOR][/I] - [I][COLOR=#00b300]Zoek report[/COLOR][/I] - [I][COLOR=#00b300]How is the situation now?[/COLOR][/I] [COLOR=#00b3b3]=======================================================================================================================[/COLOR] [/QUOTE]
Insert quotes…
Verification
Post reply
Top