Author Topic: Luckysearch home page virus  (Read 7694 times)


REDACTED

  • Guest
Re: Luckysearch home page virus
« Reply #15 on: May 26, 2015, 08:43:39 AM »
Yesterday, I tried to run the program named "Zoek", but it was slow in performing the scan, which took 4 hours. Can you tell me what happened?

Offline magna86

  • Anti Malware Fighter
  • Avast Evangelist
  • Massive Poster
  • ***
  • Posts: 4235
    • Ambulanta MyCity Forum - ASAP Member
Re: Luckysearch home page virus
« Reply #16 on: May 26, 2015, 11:56:23 PM »
It just got stuck. Post me fresh FRST logs for final analysis.

REDACTED

  • Guest
Re: Luckysearch home page virus
« Reply #17 on: May 29, 2015, 10:42:45 AM »
Here's the result:

Offline magna86

Re: Luckysearch home page virus
« Reply #18 on: May 29, 2015, 09:12:39 PM »
Hello MatthewGo707,

For some reason, Zoek won't run properly. We could force it to finish its scan; nevertheless, just post fresh FRST logs to see where that will lead us.

REDACTED

  • Guest
Re: Luckysearch home page virus
« Reply #19 on: June 01, 2015, 01:46:21 PM »
Hello MatthewGo707,

For some reason, Zoek won't run properly. We could force it to finish its scan; nevertheless, just post fresh FRST logs to see where that will lead us.
You mean it takes a long time to scan? :O

Offline magna86

Re: Luckysearch home page virus
« Reply #20 on: June 01, 2015, 06:54:56 PM »
No, I meant to say I need fresh sets of Farbar Recovery Scan Tool (a.k.a. FRST) logs ... :)

https://forum.avast.com/index.php?topic=170920.msg1216849#msg1216849


REDACTED

  • Guest
Re: Luckysearch home page virus
« Reply #21 on: June 02, 2015, 05:08:14 AM »
OK, then.

REDACTED

  • Guest
Re: Luckysearch home page virus
« Reply #22 on: June 02, 2015, 05:13:40 AM »
Here is the outcome:

Offline magna86

Re: Luckysearch home page virus
« Reply #23 on: June 08, 2015, 09:05:38 PM »
Hello,

Sorry for the delay in my response, I had some personal life issues ...

Posted logs show no malware on the PC. There are, however, some modifications that need to be addressed.

First, reset the Mozilla Firefox browser back to its defaults.
https://support.mozilla.org/en-US/kb/refresh-firefox-reset-add-ons-and-settings
https://support.mozilla.org/en-US/kb/reset-preferences-fix-problems

Next, you need to uninstall the current version of Google Chrome; mark the option to delete your browsing data as well. Then, download a fresh Google Chrome, install as usual, sign in to your account (Gmail) and all your data shall be synced.





Before you start with this, you may run AdwCleaner to target these registry remains ... here are instructions how to s'.
http://www.bleepingcomputer.com/download/adwcleaner/


The tool will start to update the database, please wait a bit.
Click on I agree button.
Click on the Scan button.
AdwCleaner will begin...be patient as the scan may take some time to complete.
After the scan has finished, click on the Report button...a logfile (AdwCleaner[R#].txt) will open in Notepad for review (where the largest value of # represents the most recent report).
The contents of the log file may be confusing. Unless you see a program name that you know should not be removed, don't worry about it. If you see an entry you want to keep, let me know about it.
Copy and paste the contents of that logfile in your next reply.
A copy of all logfiles is saved in the C:\AdwCleaner folder which was created when running the tool.








Glad I could help. Posted logs appear clean and show no signs of active infection. You should be good to go ...

We're gonna remove my used tools now as well as carry out some further cleaning and security settings. To learn more about how to protect yourself I'll give you a few tips for reading. 



The following will implement some post-cleanup procedures:



---     ---     ---     ---     ---
To uninstall and remove AdwCleaner:
  • Double click on adwcleaner.exe to run the tool;
  • Click on Uninstall and Confirm with Yes
---     ---     ---     ---     ---
Please download DelFix by Xplode to your Desktop.

Run the tool and check the following boxes below;
Remove disinfection tools
Create registry backup
Purge System Restore

Click the Run button and wait a few seconds for the programme to complete its work.
At this point all the tools we used here should be gone. The tool will create a report for you (C:\DelFix.txt)

The tool will also record the healthy state of the registry and make a backup using the ERUNT program in %windir%\ERUNT\DelFix
The tool deletes old system restore points and creates a fresh system restore point after cleaning.





Tip: Do not use security tools such as ComboFix, FRST, Zoek and the like. These are advanced security tools and should not be used without supervision.



---     ---     ---     ---     ---



Learn how to protect yourself:



=>  In order to stay protected it is very important that you regularly update all of your software and Windows Operating System.

It is important that you visit Windows Update regularly.
How to configure and use Automatic Updates in Windows

It's vital that you keep all your software up-to-date as older versions may have some security vulnerabilities. Keeping Java and Adobe updated is a priority.
Download and install latest version of Java
Download and install latest version of Adobe Reader




=>  I recommend that you use one of the fantastic opportunities provided by avast! AntiVirus.

For security protection, an active AntiVirus is required. If you want to reinforce your security setup, I recommend additional security software and utilities:
Download and install Malwarebytes' Anti-Malware and perform 'Threat Scan' from time to time. Malwarebytes will detect and remove all traces of known malware.
Download and install MCShield Anti-Malware Tool to prevent infections transmitted via removable drives.
Download and install Unchecky to keep your checkboxes clear by preventing the installation of additional adware and other PUP bad software.
Download and install AdBlock for safe web browser surfing without annoying and malicious advertising ads.




Extra text for reading:

Please visit and review PC Safety and Security - What Do I Need? for some helpful information.

Please visit FAQ - Answers to common security questions - Best Practices to read tips how to protect yourself against malware infection.

You may also visit and read What to do if your Computer is running slowly? if you like to read some basic geek stuff.




The specific type of infection:

Meet CryptoPrevent. Security app that shall attempt to prevent dangerous malware that encrypts certain types of files stored on your disk, like CryptoWall, CryptoLocker and similar clones.

More information about this family of malicious software: CryptoLocker Ransomware Information Guide and FAQ
Cryptolocker Ransomware: What You Need To Know and CryptoDefense and How_Decrypt Ransomware Information Guide and FAQ











Stay safe. 


Best Regards,
magna86


REDACTED

  • Guest
Re: Luckysearch home page virus
« Reply #24 on: June 14, 2015, 01:41:43 PM »
What if there is nothing wrong with my browsers? (which are Mozilla (has no modifications) and Chrome) Just asking due to my browsers being off the hook.