Hello rkd128 and welcome to Bleepingcomputer forums.
This has Spybot's Tea Timer on, which will conflict & interfere with any fixes that need to be done. Please disable Tea Timer & keep it that way for the entire duration of this case !
Start Spybot-S&D, switch to the Advanced mode via the menu bar item Mode
then select Advanced Mode
On the left hand side, slect Tools
Then click on the Resident
icon in the list
Uncheck Resident TeaTimer
and OK any prompts.
Next, this has 2 antivirus programs actively monitoring. Since AVG apparently was the 1 last inatlled, please Uninstall it.
Now Logoff & Restart your computer fresh.
Tell me if the McAfee is one where you have a current paid license or if this is a trial version.Step 1
1. Go >> Here <<
and download ERUNT
(ERUNT (Emergency Recovery Utility NT) is a free program that allows you to keep a complete backup of your registry and restore it when needed.)
2. Install ERUNT by following the prompts
(use the default install settings but say no to the portion that asks you to add ERUNT to the start-up folder, if you like you can enable this option later)
3. Start ERUNT
(either by double clicking on the desktop icon or choosing to start the program at the end of the setup)
4. Choose a location for the backup
(the default location is C:\WINDOWS\ERDNT which is acceptable).
5. Make sure that at least the first two check boxes are ticked
6. Press OK
7. Press YES to create the folder.Step 2
To show all files:
Step 3Disable your AntiVirus and AntiSpyware
- Go to your Desktop
- Double-Click the Computer icon.
- From the menu options, Select Tools, then Folder Options.
- Next click the View tab.
- Locate and uncheck Hide file extensions for known file types.
- Locate and uncheck Hide protected operating system files (Recommended).
- Locate and click Show hidden files and folders and drives.
- Click Apply > OK.
applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools
For directions on how, see How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs
Do NOT turn off the firewall
( 511KB ) to your desktop.On Windows 7 or Vista
, RIGHT click on aswMBR.exe and select Run As Administrator to start.On Windows XP
, double click the exe to start.change the a-v scan to None.
uncheck trace disk IO calls
Click the "Scan" button to start scan
On completion of the scan (Note if the Fix button is enabled (not the FixMBR button) and tell me) click save log, save it to your desktop and post in your next replyDo not click any FIX button. We just need an initial report.Step 4Please read carefully and follow these steps.
- Download TDSSKiller and save it to your Desktop.
- Double-Click on TDSSKiller.exe to run the application, then on Start Scan.
If running Vista or Windows 7, do a RIGHT-Click and select Run as Administrator to start TDSSKILLER.exe.
- If an infected file is detected, the default action will be Cure, click on Continue.
- If a suspicious file is detected, the default action will be Skip, click on Continue.
- If you get the warning about a file UnsignedFile.Multi.Generic or LockedFile.Multi.Generic please choose
Skip and click on Continue
- It may ask you to reboot the computer to complete the process. Click on Reboot Now.
- If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
- If a reboot is required, the report can also be found in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
Do NOT click any FIX buttons !Step 6
- Download & SAVE to your Desktop >> Tigzy's RogueKillerfrom here << or
>> from here <<
- Quit all programs that you may have started.
- Please disconnect any USB or external drives from the computer before you run this scan!
- For Vista or Windows 7, do a right-click on the program, select Run as Administrator to start, & when prompted Allow to run.
For Windows XP, double-click to start.
- Wait until Prescan has finished ...
- Then Click on Scan button at upper right of screen.
- Wait until the Status box shows "Scan Finished"
- Click on Report and copy/paste the content of the Notepad into your next reply.
- The log should be found in RKreport.txt on your Desktop
- Exit/Close RogueKiller
RE-Enable your antivirus program.
Then copy/paste the following into your post (in order):
- the contents of aswMBR report;
- the contents of TDSSKILLER log;
- the contents of RKReport log;
Be sure to do a Preview prior to pressing Submit because all reports may not fit into 1 single reply. You may have to do more than 1 reply.
Do not use the attachment feature to place any of your reports. Always put them in-line inside the body of reply.