deltalima

Hi diver dan, Welcome to the forum. My nickname is deltalima and I will be helping you with your computer problems. The logs can take some time to research, so please be patient with me. Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop. Please note the following: I will working be on your Malware issues, this may or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine. Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear. If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one. It's often worth reading through these instructions and printing them for ease of reference. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Please reply to this thread. Do not start a new topic. Download and run OTL Download OTL by Old Timer and save it to your Desktop. Double click on OTL.exe to run it. Under Output, ensure that Minimal Output is selected. Under Extra Registry section, select Use SafeList. Click the Scan All Users checkbox. Click on Run Scan at the top left hand corner. When done, two Notepad files will open. OTL.txt <-- Will be opened Extras.txt <-- Will be minimized [*]Please post the contents of these 2 Notepad files in your next reply. Please download GMER Rootkit Scanner from here. Double click the .exe file. If asked to allow gmer.sys driver to load, please consent If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO. Run Gmer again and click on the Rootkit tab. Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive. Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All". Click on the "Scan" and wait for the scan to finish. Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply. Note: If you have any problems, try running GMER in SAFE MODE Important! Please do not select the "Show all" checkbox during the scan.. Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.

Hi gt88, Now that you are clean, please follow these simple steps in order to keep your computer clean and secure DeFogger To re-enable your Emulation drivers, double click DeFogger to run the tool. The application window will appear Click the Re-enable button to re-enable your CD Emulation drivers Click Yes to continue A 'Finished!' message will appear Click OK DeFogger will now ask to reboot the machine - click OK Remove GMER Delete the GMER icon from your desktop. Clean up with OTL Double-click OTL.exe to start the program. This will remove all the tools we used to clean your pc. Close all other programs apart from OTL as this step will require a reboot On the OTL main screen, press the CleanUp! button Say Yes to the prompt and then allow the program to reboot your computer. Create a new, clean System Restore point which you can use in case of future system problems: Press Start >> All Programs >> Accessories >>System Tools >> System Restore Select Create a restore point, then Next, type a name like All Clean then press the Create button and once it's done press Close Now remove old, infected System Restore points: Next click Start >> Run and type cleanmgr in the box and press OK Ensure the boxes for Recycle Bin, Temporary Files and Temporary Internet Files are checked, you can choose to check other boxes if you wish but they are not required. Select the More Options tab, under System Restore press Clean up... and say Yes to the prompt Press OK and Yes to confirm Update your AntiVirus Software and keep your other programs up-to-date Update your Antivirus programs and other security products regularly to avoid new threats that could infect your system. You can use one of these sites to check if any updates are needed for your pc. Secunia Software Inspector F-secure Health Check Security Updates for Windows, Internet Explorer & Microsoft Office Whenever a security problem in its software is found, Microsoft will usually create a patch so that after the patch is installed, attackers can't use the vulnerability to install malicious software on your PC. Keeping up with these patches will help to prevent malicious software being installed on your PC. Ensure you are registered for Windows updates via Start > right-click on My Computer > Properties > Automatic Updates tab or visit the Microsoft Update site on a regular basis. Install SpywareBlaster - SpywareBlaster will added a large list of programs and sites into your Internet Explorer settings that will protect you from running and downloading known malicious programs. A tutorial on installing & using this product can be found here: Using SpywareBlaster to protect your computer from Spyware and Malware Update all these programs regularly - Make sure you update all the programs I have listed regularly. Without regular updates you WILL NOT be protected when new malicious programs are released. Follow this list and your potential for being infected again will reduce dramatically. Here are some additional utilities that will enhance your safety MVPS Hosts file <= The MVPS Hosts file replaces your current HOSTS file with one containing well know ad sites etc. Basically, this prevents your computer from connecting to those sites by redirecting them to 127.0.0.1 which is your local computer Winpatrol <= Download and install the free version of Winpatrol. a tutorial for this product is located here: Using Winpatrol to protect your computer from malicious software Also, please read this great article by Tony Klein So How Did I Get Infected In First Place Happy surfing and stay clean!

Hi gt88, Not yet, we will remove them once we have confirmed the infection has been fully removed. You should Download and Install the newest version of Adobe Reader for reading pdf files, due to the vulnerabilities in earlier versions. All versions numbered lower than 9.3 are vulnerable. Go HERE , UNCHECK any Free Add-Ons, and click Download to install the latest version of Adobe Acrobat Reader. After it completes the Installation, close the Download Manager. Run OTL Script Double-click OTL.exe to start the program. Copy and Paste the following code into the textbox. Do not include the word Code :otl O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - (no file) Then click the Run Fix button at the top. Click . OTL may ask to reboot the machine. Please do so if asked. The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply. Now please run a quick scan with Malwarebytes and post the log in your next reply and also let me know how the computer is running now.

Hi gt88, TFC Please download TFC to your desktop, Save any unsaved work. TFC will close all open application windows. Double-click TFC.exe to run the program. Click the Start button in the bottom left of TFC If prompted, click "Yes" to reboot. Note: Save your work. TFC will automatically close any open programs, let it run uninterrupted. It should not take longer than a couple of minutes , and may only take a few seconds. Only if needed will you be prompted to reboot. TDSSKiller Download the file TDSSKiller.zip and save it on your desktop Extract the file tdskiller.zip, it will create a folder named tdsskiller on your desktop Next double-click the tdsskiller Folder on your desktop. Next right-click on tdsskiller.exe and click Copy then Paste it directly on to your Desktop. Highlight and copy the text in the codebox below. "%userprofile%\desktop\tdsskiller.exe" -l "%userprofile%\desktop\tdsskiller.txt" Click Start, click Run... and paste the text above into the Open: line and click OK. Wait for the scan and disinfection process to be over. Open tdskiller.txt on your desktop and post the contents in your next reply

Hi gt88, Please update to the latest version of Java and remove all old versions then run the Kaspersky scan again. Ensure that you use the link from my previous post and not the link on the main Kaspersky website. If the scanner will still not run then ESET online scannner Please go Here then click on: Select the option YES, I accept the Terms of Use then click on: When prompted allow the Add-On/Active X to install. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked. Now click on Advanced Settings and select the following: Scan for potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth Technology [*]Now click on: [*]The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection. [*]When completed the Online Scan will begin automatically. [*]Do not touch either the Mouse or keyboard during the scan otherwise it may stall. [*]When completed select Uninstall application on close if you so wish, make sure you copy the logfile first! [*]Now click on: [*]Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt. [*]Copy and paste that log as a reply to this topic.

Hi gt88, Please go to Kaspersky website and perform an online antivirus scan. Read through the requirements and privacy statement and click on Accept button. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run. When the downloads have finished, click on Settings. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs Archives [*]Click on My Computer under Scan. [*]Once the scan is complete, it will display the results. Click on View Scan Report. [*]You will see a list of infected items there. Click on Save Report As.... [*]Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. [*]Please post this log in your next reply.

Hi gt88, Defogger Disable Drivers Please download DeFogger... by jpshortstuff. Save it to your desktop. Double click DeFogger.exe to run the tool. The application window will appear. Click the Disable button to disable your CD Emulation drivers. Click Yes to continue. A 'Finished!' message will appear. Click OK. Click OK when DeFogger asks to reboot the machine. Do not re-enable these drivers until otherwise instructed. IMPORTANT! If you receive an error message while running DeFogger, please post the log defogger_disable which will appear on your desktop. Please download GMER Rootkit Scanner from here. Double click the .exe file. If asked to allow gmer.sys driver to load, please consent If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO. Run Gmer again and click on the Rootkit tab. Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive. Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All". Click on the "Scan" and wait for the scan to finish. Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply. Note: If you have any problems, try running GMER in SAFE MODE Important! Please do not select the "Show all" checkbox during the scan.. Please post the GMER log in your next reply.

Begbie You must open your own topic, it is not possible to work on two computers in the same thread.

Hi gt88, Welcome to the forum. My nickname is deltalima and I will be helping you with your computer problems. The logs can take some time to research, so please be patient with me. Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop. Please note the following: I will working be on your Malware issues, this may or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine. Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear. If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one. It's often worth reading through these instructions and printing them for ease of reference. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Please reply to this thread. Do not start a new topic. Download and run OTL Download OTL by Old Timer and save it to your Desktop. Double click on OTL.exe to run it. Under Output, ensure that Minimal Output is selected. Under Extra Registry section, select Use SafeList. Click the Scan All Users checkbox. Click on Run Scan at the top left hand corner. When done, two Notepad files will open. OTL.txt <-- Will be opened Extras.txt <-- Will be minimized [*]Please post the contents of these 2 Notepad files in your next reply. Scan With RKUnHooker Please Download Rootkit Unhooker Save it to your desktop. Now double-click on RKUnhookerLE.exe to run it. Click the Report tab, then click Scan. Check (Tick) Drivers, Stealth, Files, Code Hooks. Uncheck the rest. then Click OK. Wait till the scanner has finished and then click File, Save Report. Save the report somewhere where you can find it. Click Close. Copy the entire contents of the report and paste it in a reply here.

Hi jdaily57, Did you manage to run Pragmafix ? Please run a new scan with GMER and post the log.

I doubt it, could you download to another computer and transfer via CD or USB thumb drive?

Sounds like your Antivirus is blocking the download, I see you have AntiVir and Symantec, please disable both and download to your desktop. Do not run the tool until we can get a download to the desktop

Hi jdaily57, Welcome to the forum. My nickname is deltalima and I will be helping you with your computer problems. The logs can take some time to research, so please be patient with me. Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop. Please note the following: I will working be on your Malware issues, this may or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine. Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear. If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one. It's often worth reading through these instructions and printing them for ease of reference. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Please reply to this thread. Do not start a new topic. Please download PragmaFix.exe and save it to your desktop. Double click PragmaFix.exe a log file will open, copy and paste the log into your next reply.

Hi Jaybee, Please try GMER in safe mode. Boot into Safe Mode: Restart your computer and immediately begin tapping the F8 key on your keyboard. If done right a Windows Advanced Options menu will appear. Select the Safe Mode option and press Enter. Please run GMER and save the log then reboot into normal mode and post the log. If GMER fails to produce a log then please run RootRepeal Please download RootRepeal Beta and save it to your Desktop. close all other programs then run it by double-clicking on the file named RootRepeal.exe Once the main window shows up, please click on the Report button on the bottom of the window. Next, please click the Scan button. Another window will pop up asking you to select what to include in the scan. Please uncheck everything except for the Stealth Code checkbox, and then click OK. Once the program has finished scanning, the results will appear. Click on the Save Report button, and save the report to your Desktop. Please post the log in you're next reply.

Hi Jaybee, Welcome to the forum. My nickname is deltalima and I will be helping you with your computer problems. The logs can take some time to research, so please be patient with me. Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop. Please note the following: I will working be on your Malware issues, this may or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine. Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear. If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one. It's often worth reading through these instructions and printing them for ease of reference. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Please reply to this thread. Do not start a new topic. Download and run OTL Download OTL by Old Timer and save it to your Desktop. Double click on OTL.exe to run it. Under Output, ensure that Minimal Output is selected. Under Extra Registry section, select Use SafeList. Click the Scan All Users checkbox. Click on Run Scan at the top left hand corner. When done, two Notepad files will open. OTL.txt <-- Will be opened Extras.txt <-- Will be minimized [*]Please post the contents of these 2 Notepad files in your next reply. Please download GMER Rootkit Scanner from here. Double click the .exe file. If asked to allow gmer.sys driver to load, please consent If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO. Run Gmer again and click on the Rootkit tab. Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive. Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All". Click on the "Scan" and wait for the scan to finish. Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply. Note: If you have any problems, try running GMER in SAFE MODE Important! Please do not select the "Show all" checkbox during the scan.. Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.

Hi advancedimagery, Welcome to the forum. My nickname is deltalima and I will be helping you with your computer problems. The logs can take some time to research, so please be patient with me. Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop. Please note the following: I will working be on your Malware issues, this may or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine. Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear. If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one. It's often worth reading through these instructions and printing them for ease of reference. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Please reply to this thread. Do not start a new topic. Download and run OTL Download OTL by Old Timer and save it to your Desktop. Double click on OTL.exe to run it. Under Output, ensure that Minimal Output is selected. Under Extra Registry section, select Use SafeList. Click the Scan All Users checkbox. Click on Run Scan at the top left hand corner. When done, two Notepad files will open. OTL.txt <-- Will be opened Extras.txt <-- Will be minimized [*]Please post the contents of these 2 Notepad files in your next reply. Please download GMER Rootkit Scanner from here. Double click the .exe file. If asked to allow gmer.sys driver to load, please consent If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO. Run Gmer again and click on the Rootkit tab. Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive. Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All". Click on the "Scan" and wait for the scan to finish. Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply. Note: If you have any problems, try running GMER in SAFE MODE Important! Please do not select the "Show all" checkbox during the scan.. Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.

Hi Alex123ert4, Welcome to the forum. My nickname is deltalima and I will be helping you with your computer problems. The logs can take some time to research, so please be patient with me. Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop. Please note the following: I will working be on your Malware issues, this may or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine. Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear. If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one. It's often worth reading through these instructions and printing them for ease of reference. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Please reply to this thread. Do not start a new topic. Download and run OTL Download OTL by Old Timer and save it to your Desktop. Double click on OTL.exe to run it. Under Output, ensure that Minimal Output is selected. Under Extra Registry section, select Use SafeList. Click the Scan All Users checkbox. Click on Run Scan at the top left hand corner. When done, two Notepad files will open. OTL.txt <-- Will be opened Extras.txt <-- Will be minimized [*]Please post the contents of these 2 Notepad files in your next reply. Please download GMER Rootkit Scanner from here. Double click the .exe file. If asked to allow gmer.sys driver to load, please consent If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO. Run Gmer again and click on the Rootkit tab. Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive. Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All". Click on the "Scan" and wait for the scan to finish. Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply. Note: If you have any problems, try running GMER in SAFE MODE Important! Please do not select the "Show all" checkbox during the scan.. Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.

Hi Xirus, You have a peer to peer application running C:\Program Files\DNA\btdna.exe - BitTorrent Please stop this program and wait a while to see if the IP address blocking stops, if not please post a new HijackThis log.

Hi Morvik, OK, I'm sure the infection has been removed now so please let me know tomorrow. Run OTL Script Double-click OTL.exe to start the program. Copy and Paste the following code into the textbox. Do not include the word Code :otl O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found. Then click the Run Fix button at the top. Click . OTL may ask to reboot the machine. Please do so if asked. The report should appear in Notepad after the reboot.Copy and Paste that report in your next reply. Update Java Runtime You are using an old version of Java. Sun's Java is sometimes updated in order to eliminate the exploitation of vulnerabilities in an existing version. For this reason, it's extremely important that you keep the program up to date, & also remove the older more vulnerable versions from your system. The most current version of Sun Java is: Java Runtime Environment Version 6 Update 20. Download the latest version of Java Runtime Environment (JRE) 6 Here Scroll down to where it says "JDK 6 Update 20 (JDK or JRE)" Click the orange Download JRE button to the right Select the Windows platform from the dropdown menu Read the License Agreement and then check the box that says: "I agree to the Java SE Runtime Environment 6 with JavaFX License Agreement". Click on Continue.The page will refresh Click on the link to download Windows Offline Installation & save the file to your desktop Close any programs you may have running - especially your web browser Go to Start > Settings > Control Panel, double-click on Add/Remove Programs & remove all older versions of Java Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java 6) in the name Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions Reboot your computer once all Java components are removed Then from your desktop double-click on jre-6u20-windows-i586-p.exe to install the newest version Please go to Kaspersky website and perform an online antivirus scan. Read through the requirements and privacy statement and click on Accept button. It will start downloading and installing the scanner and virus definitions. You will be prompted to install an application from Kaspersky. Click Run. When the downloads have finished, click on Settings. Make sure these boxes are checked (ticked). If they are not, please tick them and click on the Save button: Spyware, Adware, Dialers, and other potentially dangerous programs Archives [*]Click on My Computer under Scan. [*]Once the scan is complete, it will display the results. Click on View Scan Report. [*]You will see a list of infected items there. Click on Save Report As.... [*]Save this report to a convenient place. Change the Files of type to Text file (.txt) before clicking on the Save button. [*]Please post this log in your next reply.

Hi Morvik, Please open Malwarebytes, check for updates and then run a quick scan then post the log in your next reply and let me know how the computer is running now.

Hi Morvik, Ok, just needed to check before the next step. Always a good idea, however we should be able to clean this one. Run Combofix: Temporarily disable any antispyware, antivirus and or antimalware real-time protection as they may interfere with running of ComboFix. Download ComboFix from here to your Desktop. For more information about Combofix please see here. Close all programs. Double click combofix.exe and follow the prompts. If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it

Hi Morvik, Please confirm that when the GMER scan was run all the sections except Show All were ticked, in particular Sections and IAT/EAT needed to be ticked.

Hi Morvik, TDSSKiller Download the file TDSSKiller.zip and save it on your desktop Extract the file tdskiller.zip, it will create a folder named tdsskiller on your desktop Next double-click the tdsskiller Folder on your desktop. Next right-click on tdsskiller.exe and click Copy then Paste it directly on to your Desktop. Highlight and copy the text in the codebox below. "%userprofile%\desktop\tdsskiller.exe" -l "%userprofile%\desktop\tdsskiller.txt" Click Start, click Run... and paste the text above into the Open: line and click OK. Wait for the scan and disinfection process to be over. Open tdskiller.txt on your desktop and post the contents in your next reply

Hi Morvik, Welcome to the forum. My nickname is deltalima and I will be helping you with your computer problems. The logs can take some time to research, so please be patient with me. Please be aware that removing Malware is a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop. Please note the following: I will working be on your Malware issues, this may or may not, solve other issues you have with your machine. The fixes are specific to your problem and should only be used for this issue on this machine. Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear. If after 3 days you have not responded to this topic, it will be closed, and you will need to start a new one. It's often worth reading through these instructions and printing them for ease of reference. If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry. Please reply to this thread. Do not start a new topic. The logs that you attached in the zip file were shortcuts and not logs. Please run the following scans and paste the logs into your next reply. Please make sure you follow the GMER instructions as they are not the same as the ones that you were previously given. Download and run OTL Download OTL by Old Timer and save it to your Desktop. Double click on OTL.exe to run it. Under Output, ensure that Minimal Output is selected. Under Extra Registry section, select Use SafeList. Click the Scan All Users checkbox. Click on Run Scan at the top left hand corner. When done, two Notepad files will open. OTL.txt <-- Will be opened Extras.txt <-- Will be minimized [*]Please post the contents of these 2 Notepad files in your next reply. Please download GMER Rootkit Scanner from here. Double click the .exe file. If asked to allow gmer.sys driver to load, please consent If it gives you a warning at program start about rootkit activity and asks if you want to run a scan...click NO. Run Gmer again and click on the Rootkit tab. Look at the right hand side (under Files) and uncheck all drives with the exception of your C drive. Make sure all other boxes on the right of the screen are checked, EXCEPT for "Show All". Click on the "Scan" and wait for the scan to finish. Note: Before scanning, make sure all other running programs are closed and no other actions like a scheduled antivirus scan will occur while this scan completes. Also do not use your computer during the scan. When completed, click on the Copy button and right-click on your Desktop, choose "New" > Text document. Once the file is created, open it and right-click again and choose Paste or Ctrl+V. Save the file as gmer.txt and copy the information in your next reply. Note: If you have any problems, try running GMER in SAFE MODE Important! Please do not select the "Show all" checkbox during the scan.. Please post the GMER log along with OTL.txt and Extras.txt from the OTL scan into your next reply.

You are most welcome.