Operating System
Windows 7
Infection date and initial symptoms
I noticed the issue today. almost any links I click on firefox or IE I get pop ups telling me to update all sorts of media players and sometime even attempt to download a file. on some sites it will not let me proceed to the link I am clicking/
Current issues and symptoms
I noticed the issue today. almost any links I click on firefox or IE I get pop ups telling me to update all sorts of media players and sometime even attempt to download a file. on some sites it will not let me proceed to the link I am clicking/
Steps taken in order to remove the infection
I followed your guide at: http://malwaretips.com/blogs/malware-removal-guide-for-windows/ but no success :/

TwinHeadedEagle

Removal Expert
Staff member
Verified
Hi,


I noticed you have more than one antivirus installed. Only one is optimal. Choose whether to uninstall Ad-Aware or Microsoft or AVG. You can leave only one.

Go to Control Panel and remove outdated Java versions. Download fresh one from here --> http://www.java.com/en/



***** NEXT *****



Download attached fixlist.txt on the same location as FRST (otherwise the fix won't work)
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

Open FRST, and click Fix. Attach me that report after it is finished.
 

Attachments

TwinHeadedEagle

Removal Expert
Staff member
Verified
Ok, we're going to do two steps:



Please download zoek.zip or zoek.rar by smeenk (
) from here or here and save it to your Desktop.
Unpack the archive...
  • Close any open browsers
  • Temporarily disable your AntiVirus program. (If necessary)
    If you are unsure how to do this please read this or this Instruction.
  • Double click on zoek.exe to run the tool .
    Please wait while the tool does not start...
  • Copy the text present inside the code box below and paste it into the large window in the zoek tool:
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

    Code:
    createsrpoint;
    emptyfolderscheck;delete
    autoclean;
    emptyclsid;
    emptyalltemp;
    ipconfig /flushdns;b
  • Click on
    button.
    Please wait until a logreport will open (this can be after reboot)
  • Save notepad to your Desktop and attach here zoek-results.log
    Note: It will also create a log in the C:\ directory named "zoek-results.log"



***** NEXT *****



Try to reset your router if step above didn't help you.
 

Ori

New Member
question before I do that - I have two users defined on that machine, both with admin level - is it enough to do this only on one of them or should I do both?
 

Ori

New Member
I think so. will know for sure in a day or two. for now I consider it done. Thanks again my good man.
 

TwinHeadedEagle

Removal Expert
Staff member
Verified
Ok :)


For future protection I can recommend you:
- Adblock --> https://adblockplus.org/en/chrome
- Unchecky --> http://unchecky.com/



The following will implement some post-cleanup procedures:

=> Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
Remove disinfection tools
Create registry backup
Purge System Restore

Click Run button and wait a few seconds for the programme completes his work.
At this point all the tools we used here should be gone. Tool will create an report for you (C:\DelFix.txt)

The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.