Avast WEBforum
Other => Viruses and worms => Topic started by: jagdeep Bajaj on September 09, 2013, 06:33:18 AM
-
hello
whenever i open my browser i see this search engine snap.do(search.snapdo.com/?st=nt&q=). it looks like a nagging virus/malware to me. it has slowed down my laptop. the dds.txt and attact.txt are attached.
kindly help me out
thank you
-
hey and welcome to the forum. please follow this guide and attach your logs.
http://forum.avast.com/index.php?topic=53253.0
a malware expert will help you from there.
-
Hi jagdeep Bajaj, download and run AdwCleaner
http://forum.avast.com/index.php?topic=53253.0
------ Next ------
Please download zoek.zip ((http://www.mcshield.net/personal/magna86/Images/Zoek_icon.png)) from here (http://hijackthis.nl/smeenk) or here (http://home.kpn.nl/stefsmeenk/zoek.exe) and save it to your Desktop.
Unpack the archive...
- Close any open browsers
- Temporarily disable your AntiVirus program. (If necessary)
If you are unsure how to do this please read this (http://www.techsupportforum.com/forums/f50/how-to-disable-your-security-applications-490111.html) or this (http://www.bleepingcomputer.com/forums/topic114351.html) Instruction.
- Double click on zoek.exe to run the tool .
Please wait while the tool does not start...
- Copy the text present inside the code box below and paste it into the large window in the zoek tool:
filesrcm;
startupall;
skipfix-iedefaults;
firefoxlook;
chromelook;- Click on (http://www.mcshield.net/personal/magna86/Images/Run%20Script%20by%20zoek.png) button.
Please wait until a logreport will open (this can be after reboot)
- Save notepad to your Desktop and attach here zoek-results.log
Note: It will also create a log in the C:\ directory named "zoek-results.log"
-
thyself helping magna here
http://forum.avast.com/index.php?topic=134082.msg986121#new
-
hello
yes magna is helping me in another thread but that is of my office P.C. and it is almost solved.
the problem mentioned here is of my home laptop.
i ran zoek as per your instructions and the log is attached
-
Re-run zoek with this script
emptyclsid;
C:\Program Files (x86)\Winamp Toolbar;fs
C:\users\Jagdeep\AppData\Local\Winamp Toolbar;fs
C:\ProgramData\Winamp Toolbar;fs
C:\Users\Jagdeep\AppData\Local\Smartbar\Application;fs
[HKEY_USERS\S-1-5-21-2382360282-1360722930-1941866962-1000\Software\Microsoft\Windows\CurrentVersion\Run];r
"Browser Infrastructure Helper"=-;r
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run];r
"Browser Infrastructure Helper"=-;r
amfclgbdpgndipgoegfpkkgobahigbcl;chr
{006ee092-9658-4fd6-bd8e-a21a348e59f5};c
{EEE7E0A3-AE64-4dc8-84D1-F5D7BAF2DB0C};c
iedefaults;
emptyalltemp;
autoclean;
-
the log is attached
-
Whether it is okay?
-
the snapdo has not gone it is still there in chrome
-
Rerun zoek with this script:
chrdefaults;
emptyclsid;
autoclean;
(http://imageshack.us/a/img841/7292/thisisujrt.gif) Please download Junkware Removal Tool (http://www.bleepingcomputer.com/download/junkware-removal-tool/) to your desktop.
- Shut down your protection software now to avoid potential conflicts.
- Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
- Post the contents of JRT.txt into your next message.
-
the files are attached
-
Feedback??
-
snapdo is gone i suppose as it is not appearing in chrome.
thanks :)
-
OK, remove DDS and zoek, greeting.