Infection warning - 4dlmng.com

[argus]

Please download zoek.zip or zoek.rar by smeenk () from here or here and save it to your Desktop.
Unpack the archive...

• Close any open browsers
• Temporarily disable your AntiVirus program. (If necessary)
  If you are unsure how to do this please read this or this Instruction.
  
  
• Double click on zoek.exe to run the tool .
  Please wait while the tool does not start...
  
  
• Copy the text present inside the code box below and paste it into the large window in the zoek tool:

Code: [Select]

c:\users\Lindy\AppData\Local\FindAndRemind;fs
c:\users\Lindy\AppData\Roaming\GiveasyouLive;fs
{724b95aa-2c31-4125-b832-c3190c8338ce};c
{087069fe-8e5d-4995-9df1-d30988c8108f};c
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar];r
"{087069fe-8e5d-4995-9df1-d30988c8108f}"=-;r
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar];r64
"{087069fe-8e5d-4995-9df1-d30988c8108f}"=-;r64
[-HKEY_CLASSES_ROOT\FindAndRemind.Toolbar];r
[-HKEY_CLASSES_ROOT\FindAndRemind.Toolbar];r64
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run];r
"GiveasyouLiveHelper"=-;r
autoclean;

• Click on button.
  Please wait until a logreport will open (this can be after reboot)
  
  
• Save notepad to your Desktop and attach here zoek-results.log
  Note: It will also create a log in the C:\ directory named "zoek-results.log"
  

.










Please download Farbar Recovery Scan Tool () by Farbar and save it to your desktop.

Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them.
Only one of them will run on your system, that will be the right version.

• Double-click to run it. When the tool opens click Yes to disclaimer.
  
• Press Scan button.
  
• It will make a log (FRST.txt) in the same directory the tool is run. Please attach it to your reply.
  
• The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.

[matt_mk]

hi argus,

When I went to the websites for zoek I got a malware threat warning and also the files zoek.zip and zoek.rar would not download??

[argus]

When I went to the websites for zoek I got a malware threat warning

Turn off Avast.

[matt_mk]

I have run zoek.exe and now after rebooting there is just a black screen??

[argus]

Reboot your PC.

[matt_mk]

Files as requested.

Incidentally when I went on the zoek website a green card type ad popped up.

[argus]

1. Open notepad and copy/paste the text present inside the code box below.
To do this highlight the contents of the box and right click on it. Paste this into the open notepad.
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to the operating system

Code: [Select]

Start
U5 AppMgmt; C:\Windows\system32\svchost.exe [27648 2011-03-01] (Microsoft Corporation)
CMD: ipconfig /flushdns
End
2. Save notepad as fixlist.txt to your Desktop.
NOTE: => It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.


3. Run FRST/FRST64 and press the Fix button just once and wait.
If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.

The tool will make a log on the Desktop (Fixlog.txt). Please attach it to your reply.
Note: If the tool warned you about the outdated version please download and run the updated version.

[djk024]

he guys,
I've got the same problem.
It's driving me a bit crazy cause every 10 sec it pops up...

I must say that I'm a digital nono...
When reading the beginning of this subject I was lost after the first few words.
Is there an easy way of telling me what to do.
Other then throwing my laptop out the window 
thx

[argus]

Create new topic.

[Pondus]

@djk024   

Is there an easy way of telling me what to do.

yes, if you start your own topic you will get step by step instructions...

[matt_mk]

File attached

[argus]

@matt_mk what the situation is now?

[matt_mk]

All appears fine again.  I'll see how things go...

[matt_mk]

Sadly it has come back.

[argus]

Re-run Malwarebytes Anti-Rootkit again.