10-28-2008, 11:10 AM   #3
Gary R
Analyst, Security Team
 
Join Date: Jul 2008
Posts: 110
OS: XP SP2


Re: Infected with brastk.exe, wini10802.exe?

Quote:
Please note that all instructions given are customised for this computer only, the tools used may cause damage if used on a computer with different infections.

If you think you have similar problems, please post a log in the HJT forum and wait for help.


Unless informed of in advance, failure to post replies within 5 days will result in this thread being closed.

Hi Danceswithwolve

I'm Gary R, I'll be glad to help you with your computer problems.

Please observe these rules while we work:
  • Perform all actions in the order given.
  • If you don't know, stop and ask! Don't keep going on.
  • Please reply to this thread. Do not start a new topic.
  • Stick with it till you're given the all clear.
  • Remember, absence of symptoms does not mean the infection is all gone.
  • Don't attempt to clean your computer with any tools other than the ones I ask you to use during the cleanup process.
If you can do these things, everything should go smoothly.
  • If you're using XP, you'll need Administrator privileges to perform the fixes. (XP accounts are Administrator by default)
  • If you're using Vista, it will be necessary to right click all tools we use and select ----> Run as Administrator
Quote:
It may be helpful to you to print out or take a copy of any instructions given, as sometimes it is necessary to go offline and you will lose access to them.
Because of the infection you have, it's highly likely you won't be able to download tools directly to your computer, so if you have access to another computer download the tools to that and then transfer them to the infected computer using a USB drive.

Download SDFix and save it to your Desktop.
Download Malwarebytes' Anti-Malware and save it to your Desktop.

Next
  • Double click SDFix.exe
  • Accept default location and click Install button.
  • It will now extract the files to C:\SDFix
Reboot your computer into Safe Mode by doing the following:
  • Restart your computer
  • After hearing your computer beep once during startup, but before the Windows icon appears, tap the F8 key continually;
  • Instead of Windows loading as normal, the Advanced Options Menu should appear;
  • Select the first option, to run Windows in Safe Mode, then press Enter.
  • Choose your usual account.
Note: if you cannot boot into safe mode using this method, DO NOT attempt to do so by using MSConfig, this could result in your computer becoming unbootable. Just let me know.

Once in safe mode.
  • Open the extracted SDFix folder and double click RunThis.bat to start the script.
  • Type Y to begin the cleanup process.
  • It will remove any Trojan Services and Registry Entries that it finds then prompt you to press any key to Reboot.
  • Press any Key and it will restart the PC.
  • When the PC restarts the Fixtool will run again and complete the removal process then display Finished, press any key to end the script and load your desktop icons.
  • Once the desktop icons load the SDFix report will open on screen and also save into the SDFix folder as Report.txt
    (Report.txt will also be copied to Clipboard ready for posting back on the forum).
  • Finally paste me the contents of Report.txt

Next
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • Click on the Malwarebytes' Anti-Malware icon to launch the programme.
    • Click the Updates tab.
      • Click Check for Updates and allow the programme to download the latest definitions. (if you can't update it, just run it as it is)
    • Click the Scanner tab.
      • Check Perform Full Scan.
      • Click Scan and wait for the scan to complete.
      • When the scan is complete, click OK, then Show Results.
      • Ensure all items are checked then click Remove Selected.
        • A box will pop-up telling you that files have been quarantined.
        • A log will pop-up.
      • Post the log in your next reply please.

You can also access the log by doing the following
  • Click on the Logs tab.
    • Click on the log at the bottom of those listed to highlight it.
    • Click Open

Next

Run a new scan with RSIT and post me the log please (there will only be one log, log.txt, when you run it for the 2nd time).

Summary of the logs I need from you in your next post:
  • SDFix log (report.txt)
  • MBAM log
  • RSIT log (log.txt)


Please post each log separately to prevent them being cut off by the forum post size limiter.
Last edited by Gary R; 10-28-2008 at 11:14 AM.