Reply to thread

Message: <blockquote data-quote="Jack" data-source="post: 64730" data-attributes="member: 1">OK,We're almost done!Glad to see that you've got your files back<img src="data:image/gif;base64,R0lGODlhAQABAIAAAAAAAP///yH5BAEAAAAALAAAAAABAAEAAAIBRAA7" class="smilie smilie--sprite smilie--sprite109" alt=":)" title="Smile    :)" loading="lazy" data-shortname=":)" />Please run the below steps:STEP 1: Run a HitmanPro scan<ol>    <li><>Download the latest official version of HitmanPro</>.<a href="http://www.surfright.nl/en/hitmanpro/" rel="nofollow" target="_blank"> <>HITMANPRO DOWNLOAD LINK</></a> (This link will open a download page in a new window from where you can download HitmanPro)</li>    <li>Start HitmanPro by <>double clicking on the previously downloaded file.</> and then following the prompts.>>> IF you are experiencing problems while trying to start HitmanPro, you can use the Force Breach mode.To start HitmanPro in Force Breach mode, hold down the left CTRL-key when you start HitmanPro and all non-essential processes are terminated, including the malware process. (<a href="http://www.youtube.com/watch?v=m6eRWTv2STk" target="_blank">How to start HitmanPro in Force Breach mode – Video</a>)<img src="http://malwaretips.com/images/removalguide/hpro4.png" alt="[Image: hitmanproscan4.png]" border="0" /></li>    <li>Once the scan is complete, a screen displaying all the malicious files that the program found will be shown as seen in the image below.After reviewing each malicious object click <>Next</> .<img src="http://malwaretips.com/blogs/wp-content/uploads/2012/02/rsz_hpro5.png" alt="[Image: hitmanproscan5.png]" border="0" /></li>    <li>Click <>Activate free license</> to start the free 30 days trial and remove the malicious files.<img src="http://malwaretips.com/images/removalguide/hpro6.png" alt="[Image: hitmanproscan6.png]" border="0" /></li>    <li>HitmanPro will now start removing the infected objects, and in some instances, may suggest a reboot in order to completely remove the malware from your system. In this scenario, always confirm the reboot action to be on the safe side.</ol>Add to your next  reply, any log that HitmanPro might generate.<hr />STEP 2 : Your <>JAVA</> is out of date ,so we need to updated it. <img src="http://users.telenet.be/bluepatchy/miekiemoes/images/javaicon.gif" alt="Posted Image" /> <>UPDATE JAVA</>Your version of <>Java</><> is out of date</>. Older versions have vulnerabilities that malicious sites can use to exploit and infect your system. Please follow these steps to remove older versions of <>Java</> components and update:<ul>    <li>Please download <a title="External link" href="http://singularlabs.com/software/javara/javara-download/" rel="nofollow external"><>JavaRa</></a> to your desktop.<ul>    <li>Click the <>Download</> button next to <>Windows Binary (.zip)</> Version 1.16 to download <>JavaRA</> and unzip it to its own folder.</li></ul></li>    <li><>Run JavaRa.exe</></li>    <li>Pick the language of your choice and click <>Select</>. Then click <>Remove Older Versions</>. Accept any prompts.<img src="http://singularlabs.com/wp-content/uploads/2011/05/JavaRa1.png" alt="Posted Image" /></li>    <li><>Open JavaRa.exe again</> and select <>Search For Updates</>.</li>    <li>Select <>Update Using Sun Java's Website</> then click <>Search</> and click on the <>Open Webpage</> button. Download and install the latest Java Runtime Environment (JRE) version for your computer.</li></ul><hr />STEP 3: Run a scan with OTL by OldTimer<ol><li>You can download the OTL utility from the below link : <><a title="External link" href="http://oldtimer.geekstogo.com/OTL.exe" rel="nofollow external">OTL DOWNLOAD LINK</a> (This link will automatically download OTL on your computer)</></li><li>Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.<img src="http://malwaretips.com/blogs/wp-content/uploads/2012/07/OTL-logo.png" alt="" title="OTL-logo" width="106" height="118" class="alignnone size-full wp-image-3946" /></li><li>When the window appears, <>underneath Output</> at the top change it to <>Minimal Output</>.</li><li>Check the boxes beside <>LOP Check</> and <>Purity Check</>.</li><li>Under the Custom Scan box paste this in:<code>%SYSTEMDRIVE%\*.exe%ALLUSERSPROFILE%\Application Data\*.exe%APPDATA%\*./md5startatapi.sysexplorer.exewinlogon.exeUserinit.exesvchost.execsrss.exePrintIsolationHost.execonsrv.dll/md5stop%systemroot%\*. /mp /shklm\software\clients\startmenuinternet|command /rshklm\software\clients\startmenuinternet|command /64 /rs%systemroot%\system32\*.dll /lockedfiles%systemroot%\Tasks\*.job /lockedfiles%systemroot%\system32\drivers\*.sys /lockedfilesCREATERESTOREPOINT</code></li><li>Click the<> Run Scan</> button.<img src="http://malwaretips.com/blogs/wp-content/uploads/2012/07/otl-custom.png" alt="" title="OTL with Custom scans" width="658" height="584" class="alignnone size-full wp-image-3945" /></li><li>When the scan completes, it will open a <>OTL.Txt</>. This will be saved in the same location as OTL.<>Please post this log in your next reply.</>.</li></ol>Note: If OTL.exe will not run, it may be blocked by malware. Try these alternate versions: <a title="External link" href="http://www.itxassociates.com/OT-Tools/OTL.scr" rel="nofollow external">OTL.scr</a>, or <a title="External link" href="http://oldtimer.geekstogo.com/OTL.com" rel="nofollow external">OTL.com</a>.<hr />What's next?Attach the following logs to your post (You can find <a href="http://malwaretips.com/Thread-How-to-use-the-attachment-system?pid=16072#pid16072" target="_blank">here</a> details on how to use the Attachment System): 1.HitmanPro log2.OTL logs3.Let me know if you had any problems with the above instructions and also let me know how things are running now!</blockquote>

Verification

Top