Well we will check for infection.. In the meantime ...
Don't use IE until they patch the latest vulnerability.
Run TFC by OT
(Temp File Cleaner)
Please download TFC
by Old Timer and save it to your desktop. alternate download link
Save any unsaved work. TFC will close ALL open programs including your browser!
Double-click on TFC.exe
to run it. If you are using Vista, right-click on the file and choose Run As Administrator
Click the Start
button to begin the cleaning process and let it run uninterrupted to completion. Important!
If TFC prompts you to reboot, please do so immediately. If not prompted, manually reboot the machine anyway to ensure a complete clean.Next run Superantisypware (SAS):
Please download and scan with SUPERAntiSpyware Free
- Double-click SUPERAntiSypware.exe and use the default settings for installation.
For instructions with screenshots, please refer to the How to use SUPERAntiSpyware to scan and remove malware from your computer Guide.
- An icon will be created on your desktop. Double-click that icon to launch the program.
- If it will not start, go to Start > All Prgrams > SUPERAntiSpyware and click on Alternate Start.
- If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
- In the Main Menu, click the Preferences... button.
- Click the "General and Startup" tab, and under Start-up Options, make sure "Start SUPERAntiSpyware when Windows starts" box is unchecked.
- Click the "Scanning Control" tab, and under Scanner Options, make sure the following are checked (leave all other options as they are set):
- Close browsers before scanning.
- Scan for tracking cookies.
- Terminate memory threats before quarantining.
- Click the "Close" button to leave the Control Center screen.
- Back on the main screen, under "Select Scan Type" check the box for Complete Scan.
- If your computer is badly infected, be sure to check the box next to Enable Rescue Scan (Highly Infected Systems ONLY).
- Click the Scan your computer... button.
- After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
- Make sure everything has a checkmark next to it and click "Next".
- A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
- If asked if you want to reboot, click "Yes" and reboot normally.
To retrieve the scan log after reboot, launch SUPERAntiSpyware again.
- Click the View Scan Logs button at the bottom.
- This will open the Scanner Logs Window.
- Click on the log to highlight it and then click on View Selected Log to open it.
- Copy and paste the scan log results in your next reply.
-- Some types of malware will disable security tools. If SUPERAntiSpyware will not install, please refer to these instructions
for using the SUPERAntiSpyware Installer. If SUPERAntiSpyware is already installed but will not run, then follow the instructions for using RUNSAS.EXE to launch the program.
Now...Please download TDSSKiller.zip
and and extract it.
- Run TDSSKiller.exe.
- Click on Change Parameters
- Put a check in the box of Detect TDLFS file system
- Click Start scan.
- When it is finished the utility outputs a list of detected objects with description.
The utility automatically selects an action (Cure or Delete) for malicious objects.
The utility prompts the user to select an action to apply to suspicious objects (Skip, by default). Let the options as it is and click Continue
- Let reboot if needed and tell me if the tool needed a reboot.
- Click on Report and post the contents of the text file that will open.
Note: By default, the utility outputs the log into system disk (it is usually the disk with installed operating system, C:\) root folder. The Log has a name like: TDSSKiller.Version_Date_Time_log.txt.