Hello tabitha -
You may have just stopped it in time. These should not take too long to run, but please run them in the order they are posted
Just a few quick checks if you like -
Download Screen317 Security Check and save it to your Desktop.
* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt
* Please post the contents of that document.
Note:: If a security program requests permission to access the Internet, allow it to do so.
Please download Rkill (courtesy of BleepingComputer.com) to your desktop.
There are 2 different versions. If one of them won't run then download and try to run the other one.
You only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
iExplore.exe (renamed rKill.exe): http://www.bleepingcomputer.com/download/rkill/dl/11/
* Double-click on the Rkill desktop icon to run the tool.
* If using Vista or Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
* If not, delete the file, then download and use the one provided in Link 2.
* If the tool does not run from any of the links provided, please let me know.
NOTE - If normal mode still doesn't work, run the tool from safe mode.
When the scan is done Notepad will open with rKill log.
Post it in your next reply.
NOTE. rKill.txt log will also be present on your desktop.
Do not reboot until instructed.
Download TDSSKiller and save it to your desktop.
Extract (unzip) its contents to your desktop.
* Open the TDSSKiller folder and doubleclick on TDSSKiller.exe to run the application, then on Start Scan.
* If an infected file is detected, the default action will be Cure, click on Continue.
* If a suspicious file is detected, the default action will be Skip, click on Continue.
* It may ask you to reboot the computer to complete the process. Click on Reboot Now.
* If no reboot is require, click on Report. A log file should appear. Please copy and paste the contents of that file here.
* If a reboot is required, the report can also be found in your root directory (usually C:\ folder) in the form of TDSSKiller_xxxx_log.txt.
Please copy and paste the contents of that file here.
A quick Online Scanner -
Please Download Dr Web Cure it from => Here
Save the program to your desktop.
Boot the machine into Safe Mode
Click the button that reads I agree to participate in software quality improvemnet program.
Then hit the Continue button.
Now hit Select Objects for scanning.
Place a tick next to Scanning objects this will tick all items for scanning.
There is no need to join their Facebook page
Click the Tool icon on the top right.
Select Automatically Apply actions to threats.
Now go to settings and make sure that the screen looks like this.
Under actions make sure the settings are the same as below.
Then go to the log tab and drop the slider to minimal.
Next hit start scanning.
This scan can take a while to complete this is normal.
EDIT - Note: Scan time is 00:43:42.609 (was the last scan time)
Just let it run, and it will not need attention during the scan.
When the scan has completed hit the open report and post the log back here in your next reply.
And finish with
Clear Cache / Temp Files
Download TFC by OldTimer to your desktop
• Please double-click TFC.exe to run it.
• For Vista, Win 7 / 8 right-click on the file and choose Run As Administrator).
• It will close all programs when run, so make sure you have saved all your work before you begin.
• Click the Start button to begin the process.
• Once it's finished it may reboot your machine.
• If it does not, please manually reboot the machine yourself to ensure a complete clean.
No log is expected or produced
Thank You -
Edited by noknojon, 20 January 2014 - 02:14 PM.