i have ran all cleaner provided in help section to this website and still have not found or rid my self of the problem avast says being started in windows\system32\svchost.exe and when clicking more on avast it list url as h_www_freeresultsguide_com__?dn so while avast is stopping it from cause any harm i would love to remove it but have had no luck even finding it so guessing question is how do i remove it or am i just better off re formatting my computer
url malware that i cant find and remove
- Thread starter brandon
- Start date
- Mar 8, 2013
- 22,627
Hi,
Please download zoek.zip or zoek.rar by smeenk (
) from here or here and save it to your Desktop.
Unpack the archive...
Please download zoek.zip or zoek.rar by smeenk (
Unpack the archive...
- Close any open browsers
- Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this or this Instruction.
- Double click on zoek.exe to run the tool .
Please wait while the tool does not start...
- Copy the text present inside the code box below and paste it into the large window in the zoek tool:
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Code:createsrpoint; gpt.ini;z C:\Windows\System32\GroupPolicy;v C:\Windows\SysWOW64\GroupPolicy;v StandardSearch; emptyfolderscheck; installer-list; installedprogs; uninstall-list; - Click on
button.
Please wait until a logreport will open (this can be after reboot)
- Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named "zoek-results.log"
ummm if i try download zoek avast stops it and list it as win32:malware-gen even when i turn off active shields so i booted into safe mode with networking to run zoek
Last edited:
zoek results, pop ups that avast has found threat seemed to have stopped so the next question is i also have a 32 bit windows 7 machine that is having the same issue will same line code work or will i need get on that computer and send you specs.
Last edited:
- Mar 8, 2013
- 22,627
> Re-run zoek with the script below and attach here fresh zoek log results.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Code:
C:\Windows\System32\GroupPolicy\gpt.ini;f
C:\Windows\SysWOW64\GroupPolicy\gpt.ini;f
C:\Windows\System32\GroupPolicy\Machine;fs
C:\Windows\System32\GroupPolicy\User;fs
cekmkdkefndbeciggfanobcemjnppbbb;chr
dejbkimnkeigljgdhinmpobjfoakblmh;chr
dhbopdgifdcfbhjicegigefacaeepopp;chr
autoclean;
emptyalltemp;
emptyclsid;
ipconfig /flushdns;b- Mar 8, 2013
- 22,627
seems to be fine from first line we ran no more pop up of url malware although avast wont leave zoek alone so i have been running it in safe mode, so as this computer seems to be fixed i now need help with my other my other computer in the house which is running 32 bit of windows and has the same url malware so i guessing i will need different script?
- Mar 8, 2013
- 22,627
ok i am back and have reports for windows 7 32 bit machine so far no pop up for url malware so I think its fixed
- Mar 8, 2013
- 22,627
umm it has returned avast warning of url malware so nope not ok >.< ( seen another post with same problem and you suggested malwarebytes anti rootkit so i will try this since i haven't) nothing found with root kit reran scripts in zoek problems seems subsided again, questioning if parents are getting crap off facebook as i only get on computer now days to try fix it or check my e-mail or do college school work. If makes any difference i got on today and windows was configuring and update and boom url malware same one pops up in warning window from avast
Last edited:
- Mar 8, 2013
- 22,627
Similar threads
-
- Locked
