Hello and welcome to
Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your
Malware issues. This
may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please
DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the
shift key down while inserting the USB storage device for about
10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
MBAM is a safe product to use. It does not remove essential files. What you're seeing is the results of malware.Please download and run the below tool named Rkill
(courtesy of BleepingComputer.com) which may help allow other programs to run.
Save Rkill to your desktop.
There are 7 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click
Rkill and choose
Run as Administrator You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
*
Rkill.exe*
Rkill.com*
Rkill.scr*
WiNlOgOn.exe*
uSeRiNiT.exe*
iExplore.exe*
eXplorer.exeOnce you've gotten one of them to run then try to
immediately run the following.
********************************************************
- Please download Unhide by Grinler from here and save it to your desktop.
- Double click unhide.exe to run the tool.
- It will take some time to go through all your files, so please be patient.
- If this tool doesn´t fix the problem, please let me know.
******************************************************
Download
DDS from
HERE or
HERE and save it to your desktop.
Vista users right click on
dds and select
Run as administrator (you will receive a UAC prompt, please allow it)
*
XP users Double click on dds to run it.
* If your antivirus or firewall try to block
DDS then please allow it to run.
* When finished
DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.
1)
DDS.txt2)
Attach.txtInstead of attaching, please copy/past both logs into your ThreadNote: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.
•Close the program window, and delete the program from your desktop.
Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control
HERE .Then post your DDS logs. (
DDS.txt and
Attach.txt )