C,exe is a file from a new strain of rogue antivirus which, as you now now, also often brings along a rootkit which messes around with your settings. We could waste time trying to run a rootkit scanner but as we have an ID on the likely culprit we can go straight in here.Let's run two programs which should calm down the grip on the PC
Please download exeHelper
to your desktop.
Double-click on exeHelper.com
to run the fix.
A black window should pop up, press any key to close once the fix is completed.
Post the contents of exehelperlog.txt
(Will be created in the directory where you ran exeHelper.com, and should open at the end of the scan)Note: If the window shows a message that says "Error deleting file", please re-run the program before posting a log - and post the two logs together (they will both be in the one file).ThenDownload and Run RKill
Please download RKill
from one of the 4 links below and save it to your desktop
Next please run Combofix.
- Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
- Double-click on Rkill on your desktop to run it. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
- A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
- If nothing happens or if the tool does not run, please let me know in your next reply
Please download ComboFix
from one of these locations:* IMPORTANT !!! Save ComboFix.exe to your Desktop making sure you rename it comfix.exe
**Please note: If the Microsoft Windows Recovery Console is already installed, ComboFix will continue it's malware removal procedures.
- Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
- Double click on Combofix.exe & follow the prompts.
- As part of it's process, ComboFix will check to see if the Microsoft Windows Recovery Console is installed. With malware infections being as they are today, it's strongly recommended to have this pre-installed on your machine before doing any malware removal. It will allow you to boot up into a special recovery/repair mode that will allow us to more easily help you should your computer have a problem after an attempted removal of malware.
- Follow the prompts to allow ComboFix to download and install the Microsoft Windows Recovery Console, and when prompted, agree to the End-User License Agreement to install the Microsoft Windows Recovery Console.
Once the Microsoft Windows Recovery Console is installed using ComboFix, you should see the following message:
Click on Yes, to continue scanning for malware.
When finished, it shall produce a log for you. Please include the C:\ComboFix.txt
in your next reply.
Let me know if you have any problems with any step.