Hi folks,
Thanks in advance for any help offered. I got the above message today, read on the net a solution, to download Farbar recovery scan tool. Did that, scanned computer, now have the 3 log files which I have attached to this message. What is the next step please?
(notice for myself: chr; )
Hello,
I shall assist you with malware removal. First what you need to do is to uninstall bad adware programs from Programs and Feautres (Start > Control Panel);
[b]- DMUninstaller
- Zip Opener Packages[/b]
Then …
1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system
Start File: C:\Windows\System32\spd__l.dll File: C:\Windows\System32\sugs1l6.dll CloseProcesses: Task: {06F283D6-FF2F-4C50-A4DA-3C3A17D4DDD0} - \BonanzaDealsUpdate No Task File <==== ATTENTION Task: {29466B87-E921-4B14-BBF0-1C6E5676BE33} - System32\Tasks\DigitalSite => C:\Users\Roggie\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {9AA770BE-DF9D-4E11-AFA8-4EE52FD88BA3} - System32\Tasks\Rocket Updater => C:\Users\ADMINI~1\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: {D6A7E6D9-09C4-4D71-AB2E-75EF5D1AF0FD} - System32\Tasks\Sk-Enhancer-S-5902107913 => c:\programdata\quickset\sk-enhancer\Sk-Enhancer.exe <==== ATTENTION Task: C:\Windows\Tasks\DigitalSite.job => C:\Users\Roggie\AppData\Roaming\DIGITA~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\Windows\Tasks\Rocket Updater.job => C:\Users\ADMINI~1\AppData\Roaming\ROCKET~1\UPDATE~1\UPDATE~1.EXE <==== ATTENTION Task: C:\Windows\Tasks\Sk-Enhancer-S-5902107913.job => c:\programdata\quickset\sk-enhancer\Sk-Enhancer.exe <==== ATTENTION AlternateDataStreams: C:\ProgramData\TEMP:373E1720 Hosts: HKLM Group Policy restriction on software: C:\Program Files\AVAST Software <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Malwarebytes <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\McAfee <====== ATTENTION HKLM Group Policy restriction on software: C:\Documents and Settings\All Users\Application Data\Symantec <====== ATTENTION AppInit_DLLs: C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL => C:\PROGRA~2\SW-BOO~1\ASSIST~2.DLL File Not Found AppInit_DLLs-x32: c:\progra~2\sw-boo~1\assist~1.dll => "c:\progra~2\sw-boo~1\assist~1.dll" File Not Found SearchScopes: HKLM - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites04_14_24_ie&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzytCzytDtBzzyE0F0AyCyBtN0D0Tzu0SzzzyyDtN1L2XzutBtFtBtCtFyEtFtCtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2SyBtAyD0B0DyBtB0CtGyB0AyE0CtGzyyE0BzztGyC0D0E0DtGyD0DtBzztCtCtB0A0ByB0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtCzytA0AyBtAyDtG0AyBzytAtGyD0B0B0BtG0ByD0ByCtGtC0EyB0ByEyBtBtAtDyEyC0D2Q&cr=1166124425&ir= SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://rocket-find.com/results.php?f=4&q={searchTerms}&a=rckt_dsites04_14_24_ie&cd=2XzuyEtN2Y1L1QzuyDtD0EyDyEzytCzytDtBzzyE0F0AyCyBtN0D0Tzu0SzzzyyDtN1L2XzutBtFtBtCtFyEtFtCtN1L1Czu0R1F1R1J1P2ZtN1L1G1B1V1N2Y1L1Qzu2SyBtAyD0B0DyBtB0CtGyB0AyE0CtGzyyE0BzztGyC0D0E0DtGyD0DtBzztCtCtB0A0ByB0FyE2QtN1M1F1B2Z1V1N2Y1L1Qzu2SyEtCzytA0AyBtAyDtG0AyBzytAtGyD0B0B0BtG0ByD0ByCtGtC0EyB0ByEyBtBtAtDyEyC0D2Q&cr=1166124425&ir= SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: YoutubeAdblocker -> {5DB0A450-4826-1BC4-AE00-879874D30E27} -> No File BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File BHO-x32: No Name -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> No File BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] () EmptyTemp: C:\Windows\System32\AppleChargerSrv.exe C:\ProgramData\6030201.bat C:\ProgramData\6030201.pad C:\ProgramData\6030201.reg C:\Users\Roggie\AppData\Roaming\DIGITA~1 C:\Users\ADMINI~1\AppData\Roaming\ROCKET~1 c:\programdata\quickset End
2. Save notepad as fixlist.txt to your Desktop.
NOTE: => It’s important that both files, FRST and fixlist.txt are in the same location or the fix will not work.
3. Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.