Please run MBAM and this time make sure every infection has a check mark and click "Remove Selected".Open
HijackThis and select
Do a system scan onlyPlace a check mark next to the following entries: (if there)
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - (no file)Important: Close all open windows except for
HijackThis and then click
Fix checked.Once completed, exit
HijackThis.**************************************
Download
Security Check by screen317 from one of the following links and save it to your desktop.
Link 1Link 2* Unzip
SecurityCheck.zip and a folder named
Security Check should appear.
* Open the
Security Check folder and double-click
Security Check.bat* Follow the on-screen instructions inside of the black box.
* A
Notepad document should open automatically called
checkup.txt* Post the contents of that document in your next reply.
Note: If a security program requests permission from
dig.exe to access the Internet, allow it to do so.
**********************************
Please download
ComboFix from
BleepingComputer.comAlternate link: GeeksToGo.comRename ComboFix.exe to commy.exe before you save it to your DesktopDisable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
A guide to do this can be found hereClick
Start>Run then copy paste the following command into the Run box & click
OK "%userprofile%\desktop\commy.exe" /stepdelAs part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console[/list]
Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the contents of
C:\ComboFix.txt in your next reply.
If you have problems with ComboFix usage, see
How to use ComboFix