LiquidTension

That's because your computer is still infected. Please wait for further instructions. I'm in the middle of responding.

Hello, Drive-by downloads are a common source of infection. This is why it's imperative to keep your software updated. The following programmes come highly recommended in the security community, and will help reduce the risk of infection. Malwarebytes Anti-Exploit and Secunia PSI in particular will help prevent drive-by downloads. AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads. Emsisoft Antimalware (free) acts as an additional on-demand scanner, and can be used in conjunction with your Anti-Virus. Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software. Malwarebytes Anti-Malware Premium (MBAM) incorporates real-time protection and is designed to run alongside your Anti-Virus. NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology. Sandboxie isolates programmes of your choice, preventing files from writing to your HDD unless you approve the file. Secuina PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you. SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies. Unchecky automatically removes checkmarks for additional software in programme installers, helping you avoid adware and PUPs. Web of Trust (WOT) is a browser add-on designed to alert the user before interacting with a potentially malicious website. I have compiled below a list of resources you may find useful. The articles document information on computer security, common infection vectors and how you can stay safe on the Internet. Answers to common security questions - Best Practices by quietman7, MVPHow Malware Spreads - How did I get infected? by quietman7, MVPSimple and easy ways to keep your computer safe and secure on the Internet by Lawrence Abrams, MVPHow to Prevent Malware by miekiemoes, MVPHow to backup and restore your data using Cobian Backup by YourHighnessSlow Computer/browser? It May Not Be Malware by quietman7, MVP

The identified infection(s) can be removed. But due to the nature of the infection, your computer should not be considered completely trustworthy. Ultimately, it's a personal choice, and whatever you're most comfortable with. Most decide to proceed with cleaning.

Hi Bourkie, Sorry for the delay. Your logs are pretty clean - nothing of concern showing. Lets run a couple of scans to confirm your machine appears clean. STEP 1 Farbar Recovery Scan Tool (FRST) Script Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.Copy the entire contents of the codebox below and paste into the Notepad document. startHKU\S-1-5-21-647605023-3897375125-3815395133-1000\...\MountPoints2: {cabb5bf1-46d1-11e0-93d7-74f06da7960d} - F:\setup.exeHKU\S-1-5-21-647605023-3897375125-3815395133-1000\...\MountPoints2: {e92a370c-f95c-11e0-8cec-74f06da7960d} - G:\LaunchU3.exe -aSearchScopes: HKCU - {44D5D8DA-79B3-4C76-8DB2-8458128E7901} URL = http://au.search.yah...p={SearchTerms}SearchScopes: HKCU - {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =SearchScopes: HKCU - {6A1806CD-94D4-4689-BA73-E35EA1EA9990} URL = BHO: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg64.dll (Google Inc.)BHO-x32: Google Toolbar Notifier BHO -> {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} -> C:\Program Files (x86)\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No FileFF Keyword.URL: hxxp://au.search.yahoo.com/search?fr=mcafee&p=FF NetworkProxy: "type", 0FF SelectedSearchEngine: Secure SearchFF DefaultSearchEngine: Secure SearchFF SearchEngineOrder.1: Secure SearchU3 tmlwf; No ImagePathU3 tmwfp; No ImagePathAlternateDataStreams: C:\Windows:C65C213250E3869ECMD: ipconfig /flushdnsCMD: netsh winsock reset allCMD: netsh int ipv4 resetCMD: netsh int ipv6 resetCMD: bitsadmin /reset /allusersEmptyTemp:endClick File, Save As and type fixlist.txt as the File Name. Important: The file must be saved in the same location as FRST64.exe. NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System. Right-Click FRST64.exe and select Run as administrator to run the programme.Click Fix.A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply. STEP 2 Update/Remove Java Download the latest version of Java from here (watch out for "Optional Offers" during the update process).Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK.Search for the following programmes, right-click and click Uninstall one at a time.Note: The programmes below may not be present. If this is the case, please skip to the next step.Java 7 Update 45Java™ 6 Update 22Java™ 6 Update 24 ​Follow the prompts, and reboot if necessary. STEP 3 Malwarebytes Anti-Malware (MBAM) Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 4 ESET Online Scan Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled. Please download ESET Online Scan and save the file to your Desktop.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Double-click esetsmartinstaller_enu.exe to run the programme. Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.Agree to the Terms of Use once more and click Start. Allow components to download.Place a checkmark next to Enable detection of potentially unwanted applications.Click Hide advanced settings. Place a checkmark next to:Scan archivesScan for potentially unsafe applicationsEnable Anti-Stealth technologyEnsure Remove found threats is unchecked.Click Start.Wait for the scan to finish. Please be patient as this can take some time.Upon completion, click . If no threats were found, skip the next two bullet points. Click and save the file to your Desktop, naming it something unique such as MyEsetScan.Push the Back button.Place a checkmark next to and click Finish.Re-enable your anti-virus software.Copy the contents of the log and paste in your next reply. ====================================================== STEP 5 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. Fixlog.txtDid Java update/remove successfully? MBAM Scan logESET Online Scan log

Hello, Unfortunately, your computer is badly infected. Please consider the following warning, and let me know how you wish to proceed.

Lets get another set of FRST logs to see what's going on. Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

Greetings, Please do the following, reboot, and let me know if you no longer receive the error. Farbar Recovery Scan Tool (FRST) Script Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.Copy the entire contents of the codebox below and paste into the Notepad document. startTask: {15C5CBA2-9AAC-42B8-862A-16EBDFD3E487} - System32\Tasks\ASUS\i-Setup231615 => C:\Windows\Chipset\AsusSetup.exe [2010-09-08] (ASUSTeK Computer Inc.)endClick File, Save As and type fixlist.txt as the File Name. Important: The file must be saved in the same location as FRST64.exe. NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System. Right-Click FRST64.exe and select Run as administrator to run the programme.Click Fix.A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.

Good job. Those logs look great! Please provide an update on your computer. Are there any outstanding issues? STEP 1 Disable Windows Gadgets Microsoft Security Advisory 2719662 warns of vulnerabilities in Windows Sidebar Gadgets that could allow remote code execution. I recommend disabling Windows Sidebar by running the following Microsoft Fixit. STEP 2 Update Outdated Software Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below. Java SE Development Kit Follow these instructions to check for and download the latest Windows Updates. STEP 3 Remove Outdated Software Press the Windows Key + r on your keyboard at the same time. Type appwiz.cpl and click OK.Search for the following programmes, right-click and click Uninstall one at a time.Note: The programmes below may not be present. If this is the case, please skip to the next step.Java SE Development Kit 7 Update 11Java SE Development Kit 7 Update 17JavaFX 2.1.1 Follow the prompts, and reboot if necessary. STEP 4 Security Check Please download SecurityCheck and save the file to your Desktop.Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.A log (checkup.txt) will automatically open on your Desktop.Copy the contents of the log and paste in your next reply. ====================================================== STEP 5 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. checkup.txtHow is your computer performing? Are there any outstanding issues?

Hi Sean, I am extremely grateful for any donations, so thank you very much. Ultimately, I do this because I enjoy helping others and fighting malware, so a donation is an added bonus. I will mark this topic for closure. All the best, Adam.

Good job! Subject to no further issues, this concludes our work here. Now for the good news! All Clean! Congratulations, your computer appears clean! I no longer see signs of malware on your computer, and feel satisfied that our work here is done. The steps below will remove the tools we have used, and reset any settings changed. I have also provided a list of resources and tools that you may find useful. My help will always be free. But if you are happy with the help provided, and would like to support my fight against malware and/or buy me a beer, please consider a donation. STEP 1 DelFix Please download DelFix and save the file to your Desktop.Double-click DelFix.exe to run the programme.Place a checkmark next to the following items:Activate UACRemove disinfection toolsCreate registry backupPurge system restoreReset system settingsClick the Run button.-- This will remove the specialised tools we used to disinfect your system. Any leftover logs, files, folders or tools remaining on your Desktop which were not removed can be deleted manually (right-click the file + delete). ====================================================== I have compiled below a list of resources you may find useful. The articles document information on computer security, common infection vectors and how you can stay safe on the Internet. Answers to common security questions - Best Practices by quietman7, MVPHow Malware Spreads - How did I get infected? by quietman7, MVPSimple and easy ways to keep your computer safe and secure on the Internet by Lawrence Abrams, MVPHow to Prevent Malware by miekiemoes, MVPHow to backup and restore your data using Cobian Backup by YourHighnessSlow Computer/browser? It May Not Be Malware by quietman7, MVP The following programmes come highly recommended in the security community. AdBlock is a browser add-on that blocks annoying banners, pop-ups and video ads. Emsisoft Antimalware (free) acts as an additional on-demand scanner, and can be used in conjunction with your Anti-Virus. Malwarebytes Anti-Exploit (MBAE) is designed to prevent zero-day malware from exploiting vulnerable software. Malwarebytes Anti-Malware Premium (MBAM) incorporates real-time protection and is designed to run alongside your Anti-Virus. NoScript is a Firefox add-on that blocks the actions of malicious scripts by using whitelisting and other technology. Sandboxie isolates programmes of your choice, preventing files from writing to your HDD unless you approve the file. Secuina PSI will scan your computer for vulnerable software that is outdated, and automatically find the latest update for you. SpywareBlaster is a form of passive protection, designed to block the actions of malicious websites and tracking cookies. Unchecky automatically removes checkmarks for additional software in programme installers, helping you avoid adware and PUPs. Web of Trust (WOT) is a browser add-on designed to alert the user before interacting with a potentially malicious website. -- Please feel free to ask if you have any questions or concerns on computer security or the programmes above. ====================================================== Please confirm you have no outstanding issues, and are happy with the state of your computer. Once I have confirmation things are in order, we can wrap things up and I will close this thread. Thank you for using Malwarebytes. Safe Surfing. Adam (LiquidTension).

Hi Jeff, Ultimately, the decision is yours. We can troubleshoot the issues present now, or proceed with reimaging. If you would like to troubleshoot, please describe in detail the exact issues you are currently experiencing with your machine. ------- What would you like to do?

Good job. Those logs look god. How is your computer performing? Are there any outstanding issues? STEP 1 Security Check Please download SecurityCheck and save the file to your Desktop.Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.A log (checkup.txt) will automatically open on your Desktop.Copy the contents of the log and paste in your next reply. ====================================================== STEP 2 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. checkup.txtHow is your computer performing? Are there any outstanding issues?

Hello, For the time being, please attach the TDSSKiller log. Click Reply to this topic. Under the text field, click Choose Files...Locate the file and click Open. Post. I'd also like you to do the following. Running in Normal Mode is fine. Farbar Recovery Scan Tool (FRST) Scan Please download Farbar Recovery Scan Tool (x32) or Farbar Recovery Scan Tool (x64) and save the file to your Desktop.Note: Download and run the version compatible with your system (32 or 64-bit). Download both if you're unsure; only one will run.Right-Click FRST.exe / FRST64.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply.

Those logs look great. How is your computer performing? Are there any outstanding issues? STEP 1 Security Check Please download SecurityCheck and save the file to your Desktop.Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.A log (checkup.txt) will automatically open on your Desktop.Copy the contents of the log and paste in your next reply. ====================================================== STEP 2 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. checkup.txtHow is your computer performing? Are there any outstanding issues?

Nice to meet you, Mike. Please work your way through the following. STEP 1 AdwCleaner Please download AdwCleaner and save the file to your Desktop.Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 2 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. STEP 3 Farbar Recovery Scan Tool (FRST) Scan Right-Click FRST.exe and select Run as administrator to run the programme.Click Yes to the disclaimer.Ensure the Addition.txt box is checked.Click the Scan button and let the programme run.Upon completion, click OK, then OK on the Addition.txt pop up screen.Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. ====================================================== STEP 4 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. AdwCleaner[s0].txtJRT.txtFRST.txtAddition.txt

Hello, I need to see Addition.txt created by FRST. Please rerun FRST, ensuring you place a checkmark next to Addition.txt. Click Scan. Attach both FRST.txt and Addition.txt in your next reply.

OK, no problem.

Did you have any problems downloading the other files? For now, please run a scan with your current version of MBAM.

Hi Ed, Lets check for remnants, and confirm your machine appears free of malware. STEP 1 Malwarebytes Anti-Malware (MBAM) Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 ESET Online Scan Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled. Please download ESET Online Scan and save the file to your Desktop.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Double-click esetsmartinstaller_enu.exe to run the programme. Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.Agree to the Terms of Use once more and click Start. Allow components to download.Place a checkmark next to Enable detection of potentially unwanted applications.Click Hide advanced settings. Place a checkmark next to:Scan archivesScan for potentially unsafe applicationsEnable Anti-Stealth technologyEnsure Remove found threats is unchecked.Click Start.Wait for the scan to finish. Please be patient as this can take some time.Upon completion, click . If no threats were found, skip the next two bullet points. Click and save the file to your Desktop, naming it something unique such as MyEsetScan.Push the Back button.Place a checkmark next to and click .Re-enable your anti-virus software.Copy the contents of the log and paste in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM Scan logESET Online Scan log

You don't have the updated version. Simply install the updated version on top. No need to uninstall.

Good job. Lets check for remnants and confirm your machine appears free of malware. STEP 1 Malwarebytes Anti-Malware (MBAM) If you have not installed the most recent Malwarebytes Anti-Malware version (2.0.3.1025) please do so now. Open Malwarebytes Anti-Malware and click Update Now.Once updated, click the Settings tab and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 ESET Online Scan Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled. Please download ESET Online Scan and save the file to your Desktop.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Double-click esetsmartinstaller_enu.exe to run the programme. Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.Agree to the Terms of Use once more and click Start. Allow components to download.Place a checkmark next to Enable detection of potentially unwanted applications.Click Hide advanced settings. Place a checkmark next to:Scan archivesScan for potentially unsafe applicationsEnable Anti-Stealth technologyEnsure Remove found threats is unchecked.Click Start.Wait for the scan to finish. Please be patient as this can take some time.Upon completion, click . If no threats were found, skip the next two bullet points. Click and save the file to your Desktop, naming it something unique such as MyEsetScan.Push the Back button.Place a checkmark next to and click .Re-enable your anti-virus software.Copy the contents of the log and paste in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM Scan logESET Online Scan log

Hello, Please do the following. STEP 1 Malwarebytes Anti-Malware (MBAM) Please download the updated Malwarebytes Anti-Malware to your Desktop. Double-click mbam-setup.x.x.xxxx.exe (x represents the version #) and follow the prompts to install the programme. Launch the programme and click Update.Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.Click the Scan tab, ensure Threat Scan is checked and click Scan Now.Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.Upon completion of the scan (or after the reboot), click the History tab.Click Application Logs and double-click the Scan Log.Click Copy to Clipboard and paste the log in your next reply. STEP 2 AdwCleaner Please download AdwCleaner and save the file to your Desktop.Right-Click AdwCleaner.exe and select Run as administrator to run the programme.Follow the prompts. Click Scan. Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. Ensure anything you know to be legitimate does not have a checkmark, and click Clean. Follow the prompts and allow your computer to reboot. After rebooting, a log (AdwCleaner[s0].txt) will open. Copy the contents of the log and paste in your next reply.-- File and registry key backups are made for anything removed using this tool. Should a legitimate entry be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the entry. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt. STEP 3 Junkware Removal Tool (JRT) Please download Junkware Removal Tool and save the file to your Desktop.Note: If you unchecked any items in AdwCleaner, please backup the associated folders/files before running JRT.Temporarily disable your anti-virus software. For instructions, please refer to the following link.Right-Click JRT.exe and select Run as administrator to run the programme.Follow the prompts and allow the scan to run uninterrupted. Upon completion, a log (JRT.txt) will open on your desktop.Re-enable your anti-virus software.Copy the contents of JRT.txt and paste in your next reply. ====================================================== STEP 4 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. MBAM logAdwCleaner[s0].txtJRT.txt

Hello, Lets find the culprit. STEP 1 Autoruns Please download Autoruns and save the file to your Desktop.Right-Click Autoruns.exe and select Run as administrator to run the programme.Click Agree to End User Licence Agreement (EULA).Allow the programme to scan. Wait until you see Ready in the bottom left corner. Click File, then Save, name the file Autoruns Log.arn and save to your Desktop. Close Autoruns.Upload the log (Autoruns Log.arn) to my channel. STEP 2 SystemLook Please download SystemLook (x64) and save the file to your Desktop.Right-Click SystemLook_x64.exe and select Run as administrator to run the programme.Copy the entire contents of the codebox below and paste into the textfield. :filefind*AsusSetup*:folderfind*AsusSetup*:regfindAsusSetupClick the button to start the scan.Upon completion, a log (SystemLook.txt) will open. Copy the contents of the log and paste in your next reply.Click the button. Note: If the log is very long, please attach the file or upload to my channel. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. Autoruns log (uploaded)SystemLook.txt

Hello, Do you recognise this file? C:\Users\Ed Jones\Downloads\20369762_8cbe0668731f68f2544e18d9cab8c624ec87b2dd.cab If not, delete the file. Please consider the following warning. Please provide an update on your computer after completing the steps below. Are there any outstanding issues? STEP 1 Revo Uninstaller Please download and install Revo Uninstaller Free.Double-click Revo Uninstaller to run the programme. From the list of programmes, locate the following, or anything similar and carry out the steps below one at a time.AVG PC TuneUp 2014PC Matic 1.1.0.51 << this is paid software, so you may wish to keep installed. Your choice. PC Pitstop Info Center 1.0.0.18 << this is paid software, so you may wish to keep installed. Your choice. ​Double-click the programme. When prompted if you want to uninstall click Yes.Ensure the Moderate option is selected and click Next.The programme uninstaller will run. If prompted again click Yes.Work your way through the uninstaller, ensuring you read each page thoroughly.Note: Ensure you decline offers of additional software if applicable. Once the built-in uninstaller is finished click Next.Once the programme has searched for leftovers click Next.Check items in bold only in the list and click Delete. You may have to expand folders by clicking the "+" mark.When prompted click Yes, followed by Next.Click Select all, followed by Delete.When prompted click Yes, followed by Next.Once done click Finish. STEP 2 Farbar Recovery Scan Tool (FRST) Script Press the Windows Key + r on your keyboard at the same time. Type Notepad and click OK.Copy the entire contents of the codebox below and paste into the Notepad document. startHKLM-x32\...\Run: [] => [X]CMD: ipconfig /flushdnsCMD: netsh winsock reset allCMD: netsh int ipv4 resetCMD: netsh int ipv6 resetCMD: bitsadmin /reset /allusersEmptyTemp:endClick File, Save As and type fixlist.txt as the File Name. Important: The file must be saved in the same location as FRST64.exe. NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System. Right-Click FRST64.exe and select Run as administrator to run the programme.Click Fix.A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply. ====================================================== STEP 3 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. Did the programmes uninstall OK?Fixlog.txtUpdate on computer

Hi Alan, No, that won't happen. You can read about the updated version here. Lets update your vulnerable software to reduce the risk of reinfection. STEP 1 Update Outdated Software Outdated software contain security risks that must be patched. Please download and install the latest version of the programmes below. Adobe Flash Player (Uncheck the "Optional Offer") Mozilla Firefox Mozilla Thunderbird Follow these instructions to check for and download the latest Windows Updates. STEP 2 Disable Java in Your Browser Due to frequent exploits we recommend you disable Java in your browser. For information on Java vulnerabilities, please read the following article (point #7). Click the Windows Start Button and type Java Control Panel (or javacpl) in the search bar. Click on the Java Control Panel. Once opened, click the Security tab.Deselect the check box for Enable Java content in the browser. This will disable the Java plug-in in the browser. Click Apply. When the Windows User Account Control (UAC) appears, allow permissions to make the changes. Click OK in the Java Plug-in confirmation window.Restart your browser(s) for changes to take effect.More information can be found here and here. STEP 3 Security Check Please download SecurityCheck and save the file to your Desktop.Double-click SecurityCheck.exe and follow the onscreen instructions inside the black box.A log (checkup.txt) will automatically open on your Desktop.Copy the contents of the log and paste in your next reply. ====================================================== STEP 4 Logs In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked. checkup.txt