Hello, Welcome to BleepingComputer.
I'm nasdaq and will be helping you.
If you can please print this topic it will make it easier for you to follow the instructions and complete all of the necessary steps in the order listed.
Please download these tools to a CD or Flash driver using a good computer.
Copy the files to the Desktop of the Compromised computer and run them.--RogueKiller--
- Download & SAVE to your Desktop Download RogueKiller
- Quit all programs that you may have started.
- Please disconnect any USB or external drives from the computer before you run this scan!
- For Vista or Windows 7, right-click and select "Run as Administrator to start"
- For Windows XP, double-click to start.
- Wait until Prescan has finished ...
- When instructed Click on "Scan" button
- Wait until the Status box shows "Scan Finished"
- Click on "Report"
- Click on Export TXT button save the file as RogueReport.txt
- The file RogueReport.txt will be saved in the desktop.
- Close the program.
- Open the file with Notepad and Copy/paste the content into your next reply.
You will need to temporarily disable your AV program so it does not interfere.
Info on how to disable your security applications How To Temporarily Disable Your Anti-virus, Firewall And Anti-malware Programs - Security Mini-Guides
Download Zeok tool from here
When the download appears, save to the Desktop
On the Desktop, right-click the Zoek.exe
file and select: Run as Administrator
(Give it a few seconds to appear.)
Click the Options in bold
the following options are available to you.Select only the check boxes for the options in bold.
Do a Quick Scan
Do a Deep Scan
System Restore Info
any open Browsers.
Click the Run script
button, and wait. It takes a few minutes to run all the script.
When the tool finishes, the zoek-results.log
is opened in Notepad.
The log is also found on the systemdrive, normally C:\
If a reboot is needed, the log is opened after the reboot.
Please attach the zoek-results.log in your reply. It's probably too long to post.
In the Reply
section in the bottom of the topic Click the "more reply Options
Select the "Choose a File
" navigate to the location of the File.Click
the file you wish to Attach.Click
the Add reply
button.Make sure you Enable your AV Program.
How is the computer running now?