Still some work to do...
Open HijackThis and select
Do a system scan onlyPlace a check mark next to the following entries: (if there)
- O2 - BHO: (no name) - {5CA3D70E-1895-11CF-8E15-001234567890} - (no file)
- O2 - BHO: (no name) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - (no file)
- O2 - BHO: (no name) - {CA6319C0-31B7-401E-A518-A07C3DB8F777} - (no file)
- O15 - Trusted Zone: http://*.buy-security-essentials.com
- O15 - Trusted Zone: http://*.download-soft-package.com
- O15 - Trusted Zone: http://*.download-software-package.com
- O15 - Trusted Zone: http://*.get-key-se10.com
- O15 - Trusted Zone: http://*.is-software-download.com
- O15 - Trusted Zone: http://*.buy-security-essentials.com (HKLM)
- O15 - Trusted Zone: http://*.get-key-se10.com (HKLM)Important: Close all open windows except for HijackThis and then click
Fix checked.
Once completed, exit HijackThis.
----------
You have
Viewpoint installed.
Viewpoint Media Player/Manager/Toolbar is considered as
Foistware instead of malware since it is installed without users approval but doesn't spy or do anything "bad".
More information: *
ViewMgr.exe - Useless*
Viewpoint to Plunge Into AdwareIt is suggested to remove the program now. Go to
Start > Control Panel > Add/Remove Programs - (Vista & Win7 is Programs and Features) and remove the following programs if present.
*
Viewpoint*
Viewpoint Manager*
Viewpoint Media Player*
Viewpoint Toolbar*
Viewpoint Experience Technology----------
Download
Disable/Remove Windows Messenger to the desktop to remove
Windows Messenger.
Do not confuse
Windows Messenger with
MSN Messenger or
Windows Live Messenger because they are not the same.
Windows Messenger is a frequent cause of popups.
Unzip the file on the desktop. Open the
MessengerDisable.exe and choose the bottom box -
Uninstall Windows Messenger and click
Apply.
Exit out of MessengerDisable then delete the two files that were put on the desktop.
----------
Your Java is out of date. Older versions have vulnerabilities that malicious sites can use to infect your system. First install the new
Sun Java Runtime EnvironmentNote: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.
Be sure to close all browser windows before beginning the install. Remove the old version(s) Download
JavaRa* Unzip the file and open the JavaRa.exe
* Click
Remove Older Versions* JavaRa will search for and remove any outdated version of Java and remove any that are found.
* Click
Additional Tasks* Place a check next to
Remove Useless JRE Files and click
Go*
Exit JavaRa*
Delete the JavaRa files from the desktopAdditional Note: The
Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to
Start > Control Panel > Java > Advanced > Miscellaneous and
uncheck the box for
Java Quick Starter. Click OK and restart your computer.
----------
If you already have Malwarebytes be sure to update it before running the scan!Download
Malwarebytes' Anti-Malware (MBAM)* Double-click
mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to the following:
*
Update Malwarebytes' Anti-Malware*
Launch Malwarebytes' Anti-Malware* Then click
Finish* If an update is found, it will download and install the latest version.
* Once the program has loaded, select
Perform quick scan, then click
Scan.
* When the scan is complete, click
OK, then
Show Results to view the results.
* Be sure that everything is checked, and click
Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
*
Copy and Paste the entire report in your next reply.Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.----------
RootRepeal - Rootkit Detector* Download the following tool:
RootRepeal - Rootkit Detector* Direct download link is here:
RootRepeal.zip* Close all programs and temporarily disable your anti-virus, Firewall and any anti-malware real-time protection before performing a scan.
* Click
this link to see a list of such programs and how to disable them.
* Extract the program file to a new folder such as
C:\RootRepeal* Run the program
RootRepeal.exe and go to the
REPORT tab and click on the
Scan button.
* Select
ALL of the checkboxes and then click
OK and it will start scanning your system.
* If you have multiple drives you only need to check the C: drive or the one Windows is installed on.
* When done, click on
Save Report* Save it to the same location where you ran it from, such as
C:RootRepeal* Save it as
rootrepeal.txt* Then open that log and select all and copy/paste it back on your next reply please.
* Close RootRepeal.
----------
Next post please add the MBAM and RootRepeal logs.