Jean Sugoi

Forum Replies Created

  • Jean Sugoi
    Jean Sugoi
    Keymaster
    4 years, 12 months ago

    You computer should be clean,
    If you’ve still have ads, please uninstall your browser and don’t forget to delete your browser profile during the process (if it’s asked). Once it’s reinstalled, everything should be fine.

    You can export your Bookmarks before doinf that :
    Firefox : https://support.mozilla.org/en-US/kb/export-firefox-bookmarks-to-backup-or-transfer
    Chrome : https://support.google.com/bookmarks/answer/178166?hl=en

    Jean Sugoi
    Jean Sugoi
    Keymaster
    4 years, 12 months ago

    Angela,

    Please do that :

    1.
    Download Emsisoft Emergency Kit and save it to your desktop. : http://www.emsisoft.com/en/software/eek/download/
    Double click on the EmsisoftEmergencyKit.exe icon, click Run then Extract
    Double click the Start Emsisoft Emergency Kit icon that will appear after extraction
    Click Yes to update the program
    Once the update is completed click the Back button
    Click on 2. Scan (not Quick Scan or Smart Scan)
    Click Yes to detect Potentially Unwanted Programs (PUPs)
    Patiently wait for the thorough scan to complete, this can be a lengthy process
    Once completed click Quarantine selected objects (if computer is clean you will not have this option) then click OK
    Click View Report
    Attach the report to your reply
    Close the program then click Close

    2.
    Download RogueKiller on the desktop : http://www.adlice.com/softwares/roguekiller/
    Close all the running processes
    Under Vista/Seven, right click -> Run as Administrator
    Otherwise just double-click on RogueKiller.exe
    When prompted, Click Scan
    A report should open, give its content to your helper. (RKreport could also be found next to the executable)
    If RogueKiller has been blocked, do not hesitate to try a few times more. If really won’t run, rename in winlogon.exe (or winlogon.com) and try again

    Jean Sugoi
    Jean Sugoi
    Keymaster
    4 years, 12 months ago

    Hi Angela,

    Let’s continue :

    – Download Farbar Recover Scan Tool for either 32 bit or 64 bit systems and save it to your desktop < << Important32 bits >> http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/

    64 bits >> http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/

    – If you are unsure if you have 32 bit or 64 bit simply download and try one. If that doesn’t run properly the other one should
    – Double click the icon
    – Click Yes to the disclaimer
    – Make sure the Addition.txt box is checked
    – Click Scan and allow the program to run
    – Click OK on the Scan complete screen, then OK on the Addition.txt pop up screen
    – 2 Notepad documents should now be open on your desktop.
    – Please add thoses files in your reply

    Jean Sugoi
    Jean Sugoi
    Keymaster
    4 years, 12 months ago

    Ok please try the following :

    • If Avast is installed on you computer you have to disable it during the process.
    • You can download AdwCleaner utility from the below button :
      Download ZHPCleaner
    • Select ZHPCleaner.exe with right mouse click and Run as Administrator.
    • Accept the user agreement.
    • Click on the Repair button.
    • Reboot your computer.
    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years ago

    Nop that’s fine if it’s useful for you.
    How is your machine now ?

    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years ago
    This reply has been marked as private.
    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years ago

    Ok,
    Let’s check what’s inside your computer.
    Follow this guide : https://www.how-to-remove.com/zhpdiag/ and attach on your next answer the log file you are going to get.

    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years ago

    Zoek have deleted a lot of malware, do you still have issues with smartshopping ?

    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years ago

    Hi Angela,

    Lets try to fix your PC:
    1. Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one) from here: http://hijackthis.nl/smeenk/
    2. Right-click on Zoek icon and select “Run as Administrator” to start the tool.
    Wait patiently until the main console will appear, it may take a minute or two.
    3. In the main box please paste in the following script (between the lines):

    createsrpoint;
    autoclean;
    emptyalltemp;
    ipconfig /flushdns;b

    4. Make sure that Scan All Users option is checked.
    5. Push Run Script and wait patiently. The scan may take a couple of minutes.
    When this program will finish the clean-up it will ask you to restart your computer.
    6. Attach the report to your answer.

    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years ago

    Hello Bill,
    Let’s check what’s inside your computer.
    Follow this guide : https://www.how-to-remove.com/zhpdiag/ and attach on your next answer the log file you are going to get.

    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years ago

    Hi,

    Unfortunately at this time there is no way to retrieve the private key that can be used to decrypt your files. Brute forcing the decryption key is not realistic due to the length of time required to break this type of cryptography. Also any decryption tools that have been released by various companies for other malware will not work with this infection. The only methods you have of restoring your files is from a backup, file recovery tools, or if your lucky from Shadow Volume Copies.

    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years ago

    Hi Jessica,

    Lets try to fix your PC:
    1. Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one) from here: http://hijackthis.nl/smeenk/
    2. Right-click on Zoek icon and select “Run as Administrator” to start the tool.
    Wait patiently until the main console will appear, it may take a minute or two.
    3. In the main box please paste in the following script (between the lines):

    createsrpoint;
    autoclean;
    emptyalltemp;
    ipconfig /flushdns;b

    4. Make sure that Scan All Users option is checked.
    5. Push Run Script and wait patiently. The scan may take a couple of minutes.
    When this program will finish the clean-up it will ask you to restart your computer.
    6. Attach the report to your answer.

    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years, 1 month ago

    Hi Melissa,

    I think you have Google Chrome, and if the last step didn’t work for you, you can do that :

    – Export your bookmarks : https://support.google.com/chrome/answer/96816?hl=en
    – Go to the Start menu > Control Panel.
    – Click Add or Remove Programs.
    – Double-click Google Chrome.
    – Click Remove.
    – Select the “Also delete your browsing data” checkbox. Click Uninstall from the confirmation dialog.
    – Re-install Google Chrome : https://www.google.com/chrome/browser/desktop/

    Then you will be free of Roll around Ads.

    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years, 1 month ago

    Hi,

    Lets try to fix your PC:
    1. Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one) from here: http://hijackthis.nl/smeenk/
    2. Right-click on Zoek icon and select “Run as Administrator” to start the tool.
    Wait patiently until the main console will appear, it may take a minute or two.
    3. In the main box please paste in the following script (between the lines):

    createsrpoint;
    autoclean;
    emptyalltemp;
    ipconfig /flushdns;b

    4. Make sure that Scan All Users option is checked.
    5. Push Run Script and wait patiently. The scan may take a couple of minutes.
    When this program will finish the clean-up it will ask you to restart your computer.
    6. Attach the report to your answer.

    Jean Sugoi
    Jean Sugoi
    Keymaster
    5 years, 1 month ago

    Hi Athur,

    Lets try to fix your PC:
    1. Please download ZOEK by Smeenk and save it to your desktop (preferred version is the *.exe one) from here: http://hijackthis.nl/smeenk/
    2. Right-click on Zoek icon and select “Run as Administrator” to start the tool.
    Wait patiently until the main console will appear, it may take a minute or two.
    3. In the main box please paste in the following script (between the lines):

    createsrpoint;
    autoclean;
    emptyalltemp;
    ipconfig /flushdns;b

    4. Make sure that Scan All Users option is checked.
    5. Push Run Script and wait patiently. The scan may take a couple of minutes.
    When this program will finish the clean-up it will ask you to restart your computer.
    6. Attach the report to your answer.