Hi, Avast have also detected such threat on my laptop:
URL: http://opticguardzip.net/…
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
Scan logs will follow
thanks
Hi, Avast have also detected such threat on my laptop:
URL: http://opticguardzip.net/…
Infection: URL:Mal
Process: C:\Windows\System32\svchost.exe
Scan logs will follow
thanks
Here they are…
Thanks a lot
Hello,
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
Scan with ZOEK
Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one)
Temporary disable your AntiVirus and AntiSpyware protection - instructions here.
[*]Right-click on
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/51a612a8b27e2-Zoek.png
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
[]Wait patiently until the main console will appear, it may take a minute or two.
[]In the main box please paste in the following script:
createsrpoint;
autoclean;
emptyalltemp;
bitsadmin /reset /allusers;b
ipconfig /flushdns;b
[*]Make sure that Scan All Users option is checked.
[*]Push Run Script and wait patiently. The scan may take a couple of minutes.
[*]When the scan completes, a zoek-results logfile should open in notepad.
[*]If a reboot is needed, it will be opened after it. You may also find it at your main drive (usually C:\ drive)
Post its content into your next reply.
Hello,
here it is.
thanks for your help
Re-run zoek and run this script:
createsrpoint;
autoclean;
C:\Users\samsung\AppData\Local\Google\Chrome\User Data\Default\Preferences;f
emptyalltemp;
Post its content into your next reply.
Ok, done
How’s your computer behaving now?
Well, the threat was detected 2 times this morning, (it happens around 1 time every 2 hours).
Since the first scan of ZOEK, it hasn’t been reproduced.
I cross my fingers, thanks.
I let you know if it’s ok
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
Scan with Farbar Recovery Scan Tool
Please re-run Farbar Recovery Scan Tool to give me a fresh look at your system.
[*]Right-click on
https://sites.google.com/site/cannedfixes/farbar-recovery-scan-tool/FRST.gif
icon and select
https://sites.google.com/site/cannedfixes/home/hosted-images-tools/RunAsAdmin.jpg
Run as Administrator to start the tool.
(XP users click run after receipt of Windows Security Warning - Open File).
[*]Make sure that Addition option is checked.
[*]Press Scan button and wait.
[*]The tool will produce two logfiles on your desktop: FRST.txt and Addition.txt.
Please include their content into your next reply.
the results in attachment
Excellent, any problems?
No more!
big big thanks, no gonna need to educate a little bit my parents in web surfing…
The following will implement some post-cleanup procedures:
Download DelFix by Xplode and save it to your desktop.
[*]Run the tool by right click on the
http://www.imgdumper.nl/uploads6/51a5ce45267c1/51a5ce45263de-delfix.png
icon and Run as administrator option.
[*]Make sure that these ones are checked:
[]Remove disinfection tools
[]Purge system restore
[*]Reset system settings
[*]Push Run and wait until the tool completes his work.
All tools we used should be gone. Tool will create an report for you (C:[B]DelFix.txt)
The tool will also record healthy state of registry and make a backup using ERUNT program in %windir%\ERUNT\DelFix
Tool deletes old system restore points and create a fresh system restore point after cleaning.