Kenny94

Just seen that you running a outdated version of Malwarebytes. Also, we need to deal with Win32.TDSS.e C:\Windows\system32\drivers\volsnap.sys. That causing the search redirections. Step 1: Uninstall Malwarebytes' Anti-Malware from Add/Remove Programs in the Control Panel Restart your computer very important Download and run mbam-clean.exe from here It will ask to restart your computer, please allow it to do so very important Next Please download Malwarebytes Anti-Malware from Here. Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

Please click here to download Kaspersky Virus Removal Tool. Double click on the file you just downloaded and let it install. It will install to your desktop. After that leave what is selected and put a check next to My Computer. Click on the option that says Threat Detection and change it to Disinfect,delete if disinfection fails. Then click on Start Scan. Before it is done it may prompt for action regardless of the setting so choose delete if prompted. When the scan is done no log will be produced. Click on the bottom where it says Report to open the report. Then highlight of of the items found by using ctrl + a on your keyboard to select all or use your mouse to select all then right click and choose copy. This will copy the items that it found to the clipboard you can then open notepad (go to start then run then type in notepad) and choose paste to paste the contents into Notepad. You can save this on the desktop. Post the contents of the document in your next reply. Note: This tool will self uninstall when you close it so please save the log before closing it.

Step 1: Uninstall Malwarebytes' Anti-Malware from Add/Remove Programs in the Control Panel Restart your computer very important Download and run mbam-clean.exe from here It will ask to restart your computer, please allow it to do so very important Next Please download Malwarebytes Anti-Malware from Here. Double Click mbam-setup.exe to install the application. Make sure a checkmark is placed next to Update Malwarebytes Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish. If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediatly.

Right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (Example: puppy.com). If you do not see the file extension, please refer to: How to change the file extension. Then run TDSKiller.

Download TDSSKiller and save it to your Desktop. Extract its contents to your desktop. Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan. Vista/Windows 7 users right-click and select Run As Administrator. If an infected file is detected, the default action will be Cure, click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now. Click the Report button and copy/paste the contents of it into your next replyNote:It will also create a log in the C:\ directory.

No not at all....

Update Run Malwarebytes Launch Malwarebytes' Anti-Malware If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

There are some older versions of Java on your computer. These can be a source of this infection. [ Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update. Download the latest version of Java Runtime Environment (JRE) 6 and save it to your desktop. Scroll down to where it says Java SE Runtime Environment (JRE) - JRE 6 Update 26 - Click the Download button to the right. Select the Windows platform from the dropdown menu. Read the License Agreement and then check the box that says: I agree to the Java SE Runtime Environment 6u16 with JavaFX 1 License Agreement. Click on Continue.The page will refresh. Click on the link to download Windows Offline Installation and save the file to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java. Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-6u126 -windows-i586-p.exe to install the newest version. After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)On the General tab, under Temporary Internet Files, click the Settings button. Next, click on the Delete Files button There are two options in the window to clear the cache - Leave BOTH CheckedApplications and Applets Trace and Log Files [*]Click OK on Delete Temporary Files Window Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. [*]Click OK to leave the Temporary Files Window [*]Click OK to leave the Java Control Panel. To test your Java Run-time, you may go to this page http://www.java.com/en/download/help/testvm.xml When all is well, you should see Java Version: 1.6.0_26 from Sun Microsystems Inc. ------------------------------------------------------------------- ESET Online Scanner Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however may need to disable your current installed Anti-Virus, how to do so can be read here. Please go here then click on: Select the option YES, I accept the Terms of Use then click on: When prompted allow the Add-On/Active X to install. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked. Now click on Advanced Settings and select the following: Scan for potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth Technology [*]Now click on: [*]The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection. [*]When completed the Online Scan will begin automatically. [*]Do not touch either the Mouse or keyboard during the scan otherwise it may stall. [*]When completed select Uninstall application on close if you so wish, make sure you copy the logfile first! [*]Now click on: [*]Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt. [*]Copy and paste that log as a reply to this topic. Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

The search redirections should have stopped now. There are some older versions of Java on your computer. These can be a source of this infection. [ Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system. Please follow these steps to remove older version Java components and update. Download the latest version of Java Runtime Environment (JRE) 6 and save it to your desktop. Scroll down to where it says Java SE Runtime Environment (JRE) - JRE 6 Update 26 - Click the Download button to the right. Select the Windows platform from the dropdown menu. Read the License Agreement and then check the box that says: I agree to the Java SE Runtime Environment 6u16 with JavaFX 1 License Agreement. Click on Continue.The page will refresh. Click on the link to download Windows Offline Installation and save the file to your desktop. Close any programs you may have running - especially your web browser. Go to Start > Settings > Control Panel, double-click on Add/Remove Programs and remove all older versions of Java. Check (highlight) any item with Java Runtime Environment (JRE or J2SE or Java) in the name. Click the Remove or Change/Remove button. Repeat as many times as necessary to remove each Java versions. Reboot your computer once all Java components are removed. Then from your desktop double-click on jre-6u126 -windows-i586-p.exe to install the newest version. After the install is complete, go into the Control Panel (using Classic View) and double-click the Java Icon. (looks like a coffee cup)On the General tab, under Temporary Internet Files, click the Settings button. Next, click on the Delete Files button There are two options in the window to clear the cache - Leave BOTH CheckedApplications and Applets Trace and Log Files [*]Click OK on Delete Temporary Files Window Note: This deletes ALL the Downloaded Applications and Applets from the CACHE. [*]Click OK to leave the Temporary Files Window [*]Click OK to leave the Java Control Panel. To test your Java Run-time, you may go to this page http://www.java.com/en/download/help/testvm.xml When all is well, you should see Java Version: 1.6.0_26 from Sun Microsystems Inc. ------------------------------------------------------------------- Next Please run this online scan to help look for remnants. ESET Online Scanner Note: You can use either Internet Explorer or Mozilla FireFox for this scan. You will however may need to disable your current installed Anti-Virus, how to do so can be read here. Please go here then click on: Select the option YES, I accept the Terms of Use then click on: When prompted allow the Add-On/Active X to install. Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked. Now click on Advanced Settings and select the following: Scan for potentially unwanted applications Scan for potentially unsafe applications Enable Anti-Stealth Technology [*]Now click on: [*]The virus signature database... will begin to download. Be patient this make take some time depending on the speed of your Internet Connection. [*]When completed the Online Scan will begin automatically. [*]Do not touch either the Mouse or keyboard during the scan otherwise it may stall. [*]When completed select Uninstall application on close if you so wish, make sure you copy the logfile first! [*]Now click on: [*]Use notepad to open the logfile located at C:\Program Files\ESET\EsetOnlineScanner\log.txt. [*]Copy and paste that log as a reply to this topic. Note: Do not forget to re-enable your Anti-Virus application after running the above scan! Also, please let me know how things are running now and if you encountered any problems while you were following the instructions I posted.

Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate. Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete. Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper. --------------------------------------------------------------------------------------------- Download ComboFix from below: Combofix download * IMPORTANT !!! Place combofix.exe on your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs here Double click on combofix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. --------------------------------------------------------------------------------------------- Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------

Download ComboFix from below: Combofix download * IMPORTANT !!! Place combofix.exe on your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs here Double click on combofix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. --------------------------------------------------------------------------------------------- Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------

Update Run Malwarebytes Launch Malwarebytes' Anti-Malware If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

One of your logs is showing a rootkit, but the others scanners hasn't found it. ComboFix will not run until AVG is uninstalled as a protective measure. This is an issue with AVG. You can install AVG after we clean your PC. Or I have another free Antivirus that you can install. Use the uninstaller below: Download AppRemover and run it. Click Next >> Ensure "Remove Security Application" is collected and click Next >> AppRemover will scan all the security applications on your PC Select Any AVG entries from the applications offered and click Next >> twice. Follow any further on-screen instructions. If asked to reboot,please do so. Note: Please do not browse the internet or open any email attachments until your Anti-Virus is re-installed If AVG is not listed. Rerun AppRemover and select to "Clean Up a Failed Uninstall" Select AVG follow the promts. Next Download ComboFix from below: Combofix download * IMPORTANT !!! Place combofix.exe on your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs here Double click on combofix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. --------------------------------------------------------------------------------------------- Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------

Download TDSSKiller and save it to your Desktop. Extract its contents to your desktop. Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan. Vista/Windows 7 users right-click and select Run As Administrator. If an infected file is detected, the default action will be Cure, click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now. Click the Report button and copy/paste the contents of it into your next replyNote:It will also create a log in the C:\ directory.

Hi Theodoric and Welcome to Malwarebytes! Looking over your log it seems you don't have any evidence of an anti-virus software. Anti-virus software are programs that detect cleans and erase harmful virus files on a computer Web server or network. Unchecked virus files can unintentionally be forwarded to others including trading partners and thereby spreading infection. Because new viruses regularly emerge anti-virus software should be updated frequently. Anti-virus software can scan the computer memory and disk drives for malicious code. They can alert the user if a virus is present and will clean delete (or quarantine) infected files or directories. Please download Avira AntiVir Free. Avira AntiVir Personal - Free anti-virus software for Windows. Detects and removes more than 50000 viruses. Free support. Perform a full scan with Avira and let it delete everything it is finding. Then reboot. After reboot, open your Avira and select "reports". There doubleclick the report from the Full scan you have done. Click the "Report File" button and copy and paste this report in your next reply

Hi andstiga Please post the Attach.txt of DDS.

Run DDS in safe mode: Please reboot your computer in Safe Mode by doing the following : Restart your computer After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually; Instead of Windows loading as normal, the Advanced Options Menu should appear; Select the first option, to run Windows in Safe Mode, then press Enter. Log into an account with administrative priviliges. Please copy and paste both logs.

Hi poppy2 and Welcome to Malwarebytes! Please download aswMBR from here Save aswMBR.exe to your Desktop Double click aswMBR.exe to run it Click the Scan button to start the scan as illustrated below Note: Do not take action against any **Rootkit** entries until I have reviewed the log. Once the scan finishes click Save log to save the log to your Desktop Copy and paste the contents of aswMBR.txt back here for review

I understand gymnast46. I'll post some helpful tips and free applications. To prevent this from happening again. Here are some additional links for you to check out to help you with your computer security. Browsers Just because your computer came loaded with Internet Explorer doesn't mean that you have to use it, there are other free alternatives, FIREFOX and OPERA, both are free to use and are more secure than IE. If you are using firefox you can stay more secure by adding NoScript and WOT (Web Of Trust) NoScript stops Java scripts from starting on a web page unless you give permission for them, and WOT (Web Of Trust) has a comprehensive list of ratings for different websites allowing you to easily see if a website that you are about to go to has a bad reputation; in fact it will warn you to check if you are sure that you want to continue to a bad website. Make your Internet Explorer more secure - This can be done by following these simple instructions: From within Internet Explorer click on the Tools menu and then click on Options. Click once on the Security tab Click once on the Internet icon so it becomes highlighted. Click once on the Custom Level button. Change the Download signed ActiveX controls to Prompt Change the Download unsigned ActiveX controls to Disable Change the Initialize and script ActiveX controls not marked as safe to Disable Change the Installation of desktop items to Prompt Change the Launching programs and files in an IFRAME to Prompt Change the Navigate sub-frames across different domains to Prompt When all these settings have been made, click on the OK button If it prompts you as to whether or not you want to save the settings, press the Yes button. Next press the Apply button and then the OK to exit the Internet Properties page. Additional Security Measures Scan your system for outdated versions of commonly used software applications that may also cause your PC be vulnerable, using the Secunia Online Software Inspector (OSI). This is very important because recent statistics confirm that an overwhelming majority of infections are aquired through application not Operating System flaws. Commonly used programs like Quicktime, Java, and Adobe Acrobat Reader, itunes, and many others are commonly targeted today. You can make your computer much more secure if you update to the most current versions of these programs and any others that Secunia alerts you to. Visit Microsoft's Windows Update Site Frequently - It is important that you visit http://www.windowsupdate.com regularly. This will ensure your computer has always the latest security updates available installed on your computer. If there are new updates to install, install them immediately, reboot your computer, and revisit the site until there are no more critical updates. Cookienator- Scans your PC for tracking cookies in multiple browsers as well as in Adobe Flash. Auslogics Disc Defrag or JKDefrag - Two good disc defragmenters for you to choose from to help speed up your computer. Visit My Blog for Malware and Spyware Tips

I'm sorry to hear this. How old was she? Bandit is two years old. He just had a birthday: Okay back to your computer... Download ComboFix from below: Combofix download * IMPORTANT !!! Place combofix.exe on your Desktop Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with ComboFix. You can get help on disabling your protection programs here Double click on combofix.exe & follow the prompts. As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures. The Windows recovery console will allow you to boot up into a special recovery mode that allows us to help you in the case that your computer has a problem after an attempted removal of malware. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement. ComboFix will now automatically install the Microsoft Windows Recovery Console onto your computer, which will show up as a new option when booting up your computer. Do not select the Microsoft Windows Recovery Console option when you start your computer unless requested to by a helper. Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see a message that says: The Recovery Console was successfully installed. Click on Yes, to continue scanning for malware. Your desktop may go blank. This is normal. It will return when ComboFix is done. ComboFix may reboot your machine. This is normal. When finished, it shall produce a log for you. Post that log (C:\ComboFix.txt) in your next reply. Note: Do not mouseclick combofix's window whilst it's running. That may cause it to stall. --------------------------------------------------------------------------------------------- Ensure your AntiVirus and AntiSpyware applications are re-enabled. ---------------------------------------------------------------------------------------------

Hi gymnast46 and Welcome to Malwarebytes! Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com) There are two different versions. If one of them won't run then download and try to run the other one. Vista and Windows 7 users need to right-click and choose Run as Administrator You only need to get one of them to run, not both of them. Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com) There are two different versions. If one of them won't run then download and try to run the other one. Vista and Windows 7 users need to right-click and choose Run as Administrator You only need to get one of them to run, not both of them. eXplorer.exe - WiNlOgOn.exe Please post the log in your next reply. (To see what was terminate). Note: If your security software warns about Rkill, please ignore and allow the download to continue. Once you've gotten one of them to run then try to immediately run the following: Update Run Malwarebytes Launch Malwarebytes' Anti-Malware If an update is found, it will download and install the latest version. Once the program has loaded, select "Perform Quick Scan", then click Scan. The scan may take some time to finish,so please be patient. When the scan is complete, click OK, then Show Results to view the results. Make sure that everything is checked, and click Remove Selected. When disinfection is completed, a log will open in Notepad and you may be prompted to Restart.(See Extra Note) The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM. Copy&Paste the entire report in your next reply. Extra Note: If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process,if asked to restart the computer,please do so immediatly.

Hi Andres and Welcome to Malwarebytes! We need to look at some information about what is going on in your computer: Please perform the following scan: Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scr DDS.pif [*]Double click on the DDS icon, allow it to run. [*]A small box will open, with an explanation about the tool. [*]When done, DDS will open two (2) logs 1. DDS.txt 2. Attach.txt [*] Save both reports to your desktop. [*] The instructions here ask you to attach the Attach.txt. [*]Instead of attaching, please copy/past both logs into your Thread [*]Close the program window, and delete the program from your desktop. Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREThen post your DDS (DDS.txt and Attach.txt

Hi JimPI and Welcome to Malwarebytes! Please note that these fixes are not instantaneous. Most infections require more than one round to properly eradicate. Stay with me until given the 'all clear' even if symptoms diminish. Lack of symptoms does not always mean the job is complete. Kindly follow my instructions and please do no fixing on your own or running of scanners unless requested by me or another helper. --------------------------------------------------------------------------------------------- Download TDSSKiller and save it to your Desktop. Extract its contents to your desktop. Once extracted, open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan. Vista/Windows 7 users right-click and select Run As Administrator. If an infected file is detected, the default action will be Cure, click on Continue. If a suspicious file is detected, the default action will be Skip, click on Continue. It may ask you to reboot the computer to complete the process. Click on Reboot Now. Click the Report button and copy/paste the contents of it into your next replyNote:It will also create a log in the C:\ directory. Next You should be able to run DDS now. So we need to look at some more information about what is going on in your computer: Please perform the following scan: Download DDS by sUBs from one of the following links. Save it to your desktop.DDS.scr DDS.pif [*]Double click on the DDS icon, allow it to run. [*]A small box will open, with an explanation about the tool. [*]When done, DDS will open two (2) logs 1. DDS.txt 2. Attach.txt [*] Save both reports to your desktop. [*] The instructions here ask you to attach the Attach.txt. [*]Instead of attaching, please copy/past both logs into your Thread [*]Close the program window, and delete the program from your desktop. Please note: You may have to disable any script protection running if the scan fails to run. After downloading the tool, disconnect from the internet and disable all antivirus protection. Run the scan, enable your A/V and reconnect to the internet. Information on A/V control HEREThen post your DDS (DDS.txt and Attach.txt

Attention: Your computer is severely infected with Win32\Ramnit what is now called, a cocktail infection. This is an infection that is comprised of many different types of viruses and other malware, to damage your computer, and use it as a zombie for its backdoor network. In other words, your computer is under control of a hacker, and regaining control is now next to impossible. The first component is a backdoor trojan, which is a type of trojan that communicates with a hacker: to transfer personal information about you, use your computer to help perform a denial-of-service attack, redirect your internet searches in order to make money off of your browsing habits, and can be a keylogger to steal personal identifiable information to help rob your identity. The second component is a rootkit, which is a type of malware to take control over your computer at administrator access, having full permission to modify all of your device drivers, and allowing itself to hide all the malware on the system. In other words, it is a hackers way of taking control of your computer, and hiding in the dark at the same time. This is a prime initiative of hackers to help keep access to your computer, robbing all of your personal information, and using your computer to send spam across the internet. The third component is a file infector, which is a type of virus to purposely damage as many files as possible, in order to keep control of your system, so you have as little access as possible. Not only has your system been compromised severely, it is also highly damaged, and if you do not commit to my suggested removal method below, then your computer may not function anymore. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable. Do NOT change passwords or do any transactions while using the infected computer because the attacker may get the new passwords and transaction information. (If using a router, you need to reset it with a strong logon/password so the malware cannot gain control before connecting again.) Banking and credit card institutions should be notified to apprise them of your situation (possible security breach). To protect your information that may have been compromised, I recommend reading these references: How Do I Handle Possible Identify Theft, Internet Fraud and CC Fraud? What Should I Do If I've Become A Victim Of Identity Theft? Identity Theft Victims Guide - What to do Removal method: It is recommended to do a reformat and reinstall of your operating system. the best course of action would be a reformat and clean reinstall of the OS. This is something I don't like to recommend normally, but in most cases it is the best solution for your safety. I recommend the following articles to read: When should I re-format? How should I reinstall? Help: I Got Hacked. Now What Do I Do? Help: I Got Hacked. Now What Do I Do? Part II Where to draw the line? When to recommend a format and reinstall? Guides for format and reinstall: http://forums.whatthetech.com/index.php?showtopic=91962 Should you have any questions, please feel free to ask.

Combofix log resides in your C: Drive. C:\ look for ComboFix.txt. There should be two ComboFix.txt files. Post the one with todays date on the top of the report.