Welcome to BC
Load this on the computer and run it
Please download Rkill
by Grinler and save it to your desktop.Link 2Link 3Link 4
- Double-click on the Rkill desktop icon to run the tool.
- If using Vista, right-click on it and Run As Administrator.
- A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
- If not, delete the file, then download and use the one provided in Link 2.
- If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs.
- If the tool does not run from any of the links provided, please let me know.
Do not reboot the computer or you will have to run it againAfter that, try theseWe Need to check for Rootkits with RootRepeal
- Download RootRepeal from the following location and save it to your desktop.
- Direct Download (Recommended)
- Zip Mirrors (Recommended if you have a slower connection or if the Direct Download mirror is down)
- Rar Mirrors - Only if you know what a RAR is and can extract it.
- Extract RootRepeal.exe from the archive (If you did not use the "Direct Download" mirror).
- Open on your desktop.
- Click the tab.
- Click the button.
- Check all seven boxes:
- Push Ok
- Check the box for your main system drive (Usually C:), and press Ok.
- Allow RootRepeal to run a scan of your system. This may take some time.
- Once the scan completes, push the button. Save the log to your desktop, using a distinctive name, such as RootRepeal.txt. Include this report in your next reply, please.
Please note: If Rootrepeal fails to run, try this step: Click Settings - Options. Set the Disk Access slider to High
Also try: right-click on rootrepeal.exe and rename it to tatertot.scr
Please download Win32kDiag.exe
by AD and save it to your desktop.alternate download 1alternate download 2
- This tool will create a diagnostic report
- Double-click on Win32kDiag.exe to run and let it finish.
- When it states Finished! Press any key to exit..., press any key on your keyboard to close the program.
- A file called Win32kDiag.txt should be created on your Desktop.
- Open that file in Notepad and copy/paste the entire contents (from Starting up... to Finished! Press any key to exit...) in your next reply.
, then copy and paste this command into the open box: cmd
At the command prompt C:\>
, copy and paste the following command and press Enter:
DIR /a/s %windir%\scecli.dll %windir%\netlogon.dll %windir%\eventlog.dll >Log.txt & START notepad Log.txt
A file called log.txt
should be created on your Desktop.
Open that file and copy/paste the contents in your next reply.