Hello and welcome to
Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.
1. I will be working on your
Malware issues. This
may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please
DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.
If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the
shift key down while inserting the USB storage device for about
10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Please download and run the below tool named Rkill
(courtesy of BleepingComputer.com) which may help allow other programs to run.
Save Rkill to your desktop.
There are 7 different versions. If one of them won't run then download and try to run the other one.
Vista and Win7 users need to right click
Rkill and choose
Run as Administrator You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
*
Rkill.exe*
Rkill.com*
Rkill.scr*
WiNlOgOn.exe*
uSeRiNiT.exe*
iExplore.exe*
eXplorer.exeOnce you've gotten one of them to run then try to
immediately run the following.
*********************************************************
Please download
AdwCleaner by Xplode onto your Desktop.
- Double click on AdwCleaner.exe to run the tool.
- Click on Search.
- A logfile will automatically open after the scan has finished.
- Please post the content of that logfile in your reply.
- You can find the logfile at C:\AdwCleaner[Rn].txt as well - n is the order number.
********************************************************
Malwarebytes' Anti-Malware (MBAM)
If you already have Malwarebytes be sure to check for updates before scanning!Download
Malwarebytes Anti-Malware and save it to your desktop.
Alternate download link•Double-click
mbam-setup.exe and follow the prompts to install the program.
•Be sure a
checkmark is placed next to
Update Malwarebytes' Anti-Malware and
Launch Malwarebytes' Anti-Malware, then click
Finish.•
If you encounter any problems while downloading the updates, manually download them from here and just double-click on mbam-rules.exe to install.
•If an update is found, it will download and install the latest version.
•Once the program has loaded, select
Perform Quick Scan, then click
Scan.•When the scan is complete, click
OK, then
Show Results to view the results.
•Be sure that everything is
checked, and click
Remove Selected.•When completed, a log will open in
Notepad. Save it to a convenient location like the Desktop.
•The log is also automatically saved and can be viewed later by clicking the
Logs tab in
MBAM.•
Copy and Paste the contents of the report in your reply.
•Exit
MBAM..
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately. Failure to reboot will prevent MBAM from removing all the malware.
***************************************************
Download
Security Check by screen317 from one of the following links and save it to your desktop.
Link 1Link 2* Double-click
Security Check.bat* Follow the on-screen instructions inside of the black box.
* A
Notepad document should open automatically called
checkup.txt* Post the contents of that document in your next reply.
Note: If a security program requests permission from
dig.exe to access the Internet, allow it to do so.
Also, please post the other logs.