Hello DarkPenguins and Welcome to the BleepingComputer.
My name is Yılmaz and I'll help you with the cleanup of malware from your computer.
Before we move on, please read the following points carefully.
- Please complete all steps in the specified order.
- Even if tools don't find malware, I want you to post the logfiles anyway.
- Please copy and paste the logfiles directly into your posts. Please do not attach them unless you are instructed to do so.
- Read the instructions carefully. If you have problems, stop what you were doing and describe the problems you encountered as precisely as you can.
- Don't install or uninstall software during the cleanup unless you are told to do so.
- Ensure your external and/or USB drives are inserted during always the scan.
- If you can't answer for the next few days, please let me know. If you haven't answered within 5 days, I am assuming that you don't need help anymore and your topic will be closed.
- If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
- I can not guarantee that we will find and be able to remove all malware. The cleaning process is not instant. Please continue to review my answers until I tell you that your computer is clean
- Please reply to this thread. Do not start a new topic
- As my first language is not English, please do not use slang or idioms. It could be hard for me to understand.
- Please open as administrator the computer. How is open as administrator the computer?
- Disable your AntiVirus and AntiSpyware applications, as they will interfere with our tools and the removal. If you are unsure how to do this, please refer to get help here
Please do the following,
Boot to Safemode with Networking
To Enter Safemode
- Go to Start> Shut off your Computer> Restart
- As the computer starts to boot-up, Tap the F8 KEY somewhat rapidly,
this will bring up a menu.
- Use the Up and Down Arrow Keys to scroll up to Safemode with Networking
- Then press the Enter Key on your Keyboard
Tutorial if you need it How to boot into Safemode
- Please download rkill (Courtesy of Bleepingcomputer.com).
- There are 5 different versions of this tool. If one of them will not run, please try the next one in the list.
- Note: Vista and Windows 7 Users must right click and select "Run as Administrator" to run the tool.
- Note: You only need to get one of the tools to run, not all of them.
Scan with Malwarebytes Antimalware:
Please download Malwarebytes Anti-Malware to your desktop.
- Double-click the downloaded setup file and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to the following:
- Launch Malwarebytes Anti-Malware
- A 14 day trial of the Premium features is pre-selected. You may deselect this if you wish, and it will not diminish the scanning and removal capabilities of the program.
If the program is already installed:
- Run Malwarebytes Antimalware
- On the Dashboard, click the 'Update Now >>' link
- After the update completes, click the 'Scan Now >>' button.
- Or, on the Dashboard, click the Scan Now >> button.
- If an update is available, click the Update Now button.
- A Threat Scan will begin.
- When the scan is complete, if there have been detections, click Apply Actions to allow MBAM to clean what was detected.
- In most cases, a restart will be required.
- Wait for the prompt to restart the computer to appear, then click on Yes.
- After the restart once you are back at your desktop, open MBAM once more.
- Click on the History tab > Application Logs.
- Double click on the scan log which shows the Date and time of the scan just performed.
- Click 'Copy to Clipboard'
- Paste the contents of the clipboard into your reply
And please normaly mode now.
Please do the following.
Please download Farbar Recovery Scan Tool and save it to your desktop.
Note: You need to run the version compatibale with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
- Double-click to run it. When the tool opens click Yes to disclaimer.
- Make sure the following option is checked:
- Press Scan button.
- It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
- The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply.