I removed the startup entry that triggered a cmd command execution.
HKU\S-1-5-21-1696983198-4037134883-1275287553-1002\...\Run: [CMD] => cmd.exe /c start http://extendedunlimited.org && exit <===== ATTENTION
Before I let you free I'd like us to scan your machine with ESET OnlineScan to be completely sure your pc is malware free (since you had the new version of Viknok)
- Hold down Control and click on the following link to open ESET OnlineScan in a new window.
- Click the Run ESET Online Scanner button.
- For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on to download the ESET Smart Installer. Save it to your desktop.
- Double click on the icon on your desktop.
- Click the button.
- Accept any security warnings from your browser.
- Make sure that the option Remove found threats is NOT checked, and the option Scan archives is checked.
- Now click on Advanced Settings and select the following:
- Scan for potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth Technology
- Push the Start button.
- ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
- When the scan completes, push
- Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
- Push the button.
Also let's check for outdated and vulnerable software on your pc:
Download Security Check by screen317 from here.
- Save it to your Desktop.
- Double click SecurityCheck.exe to run it.
- A notepad document should open automatically called checkup.txt; please post the contents of that document.