Print these instructions out.1. Run one of two free on-line scanners:
*** ESET Online Scanner at:
http://www.eset.com/onlinescan/Note: This scanner is for Internet Explorer only 1. You will notice that the "Start" button is grayed out. Place a check mark at "Yes, I accept the Terms of use". The "Start" button will become visible. Click on it.
2. If it wants to install an ActiveX component allow it
3. You will be asked to install an ActiveX, click the "Install" button (Note: If you have a Firewall install you may have to approve the installation)
4. Once ActiveX control is installed click on the "Start" button to initialize the scanner
5. After initialization is complete, make sure, that "Remove found threats", and "Scan unwanted applications" are checkmarked.
6. Click the "Scan" button
7. Once the scan is done, you will find a log in C:\Program Files\esetonlinescanner\log.txt
Post ESET's log.*** TrendMicro online scanner,
HouseCallNote: This scanner works with Firefox, and Internet ExplorerClick on
It'll ask you to download small
housecall66.exe to your computer.
Double click on the above file to begin scanning process.
HouseCall pop-up window will open.
Accept the agreement.
In next window, select
Complete Scan, and click on
Start Scanning button.
Relax, it'll take a while...
Upon completion HouseCall will display results under
Results tab.
Click
Clean now button.
Close application.
Find
TrendMicro log,
housecall0.log. Its location:
Windows XP:
C:\Documents and Settings\username\Application Data\HouseCall 6.6\logVista:
C:\Users\username\AppData\Roaming\HouseCall 6.6\log2. Download SUPERAntiSpyware Free for Home Users:
http://www.superantispyware.com/ * Double-click SUPERAntiSpyware.exe and use the default settings for installation.
* An icon will be created on your desktop. Double-click that icon to launch the program.
* If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download and unzip them from here:
http://www.superantispyware.com/definitions.html.)
* Close SUPERAntiSpyware.
Restart computer in Safe Mode.To enter Safe Mode, restart computer, and keep tapping F8 key, until menu appears; pick Safe Mode; you'll see "Safe Mode" in all four corners of your screen * Open SUPERAntiSpyware.
* Under "Configuration and Preferences", click the Preferences button.
* Click the Scanning Control tab.
* Under Scanner Options make sure the following are checked (leave all others unchecked):
o Close browsers before scanning.
o Scan for tracking cookies.
o Terminate memory threats before quarantining.
* Click the "Close" button to leave the control center screen.
* Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
* On the left, make sure you check C:\Fixed Drive.
* On the right, under "Complete Scan", choose Perform Complete Scan.
* Click "Next" to start the scan. Please be patient while it scans your computer.
* After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
* Make sure everything has a checkmark next to it and click "Next".
* A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
* If asked if you want to reboot, click "Yes".
* To retrieve the removal information after reboot, launch SUPERAntispyware again.
o Click Preferences, then click the Statistics/Logs tab.
o Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
o If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
o Please copy and paste the Scan Log results in your next reply with a new HijackThis log.
* Click Close to exit the program.
Post SUPERAntiSpyware log.3. Download
Malwarebytes' Anti-Malware (
http://www.majorgeeks.com/Malwarebytes_Anti-Malware_d5756.html) to your desktop.
* Double-click
mbam-setup.exe and follow the prompts to install the program.
* At the end, be sure a checkmark is placed next to
Update Malwarebytes' Anti-Malware and
Launch Malwarebytes' Anti-Malware, then click
Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select
Perform full scan, then click
Scan.
* When the scan is complete, click OK, then
Show Results to view the results.
* Be sure that everything is checked, and click
Remove Selected.
* When completed, a log will open in Notepad.
*
Post the log back here.
Be sure to restart the computer.
The log can also be found here:
C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\
log-date.txtOr at C:\Program Files\Malwarebytes' Anti-Malware\Logs\
log-date.txt4. Download HijackThis:
http://www.snapfiles.com/get/hijackthis.htmlPost HijackThis log.
