Please do the following. Post your logs in your topic, Do not wrap your logs in "quotes" or "code" brackets, and do not use
Please download and run RKill
RKill is an easy to use tool that kills known processes and removes Windows Registry entries that stop a user from using their normal security applications. RKill will not remove any of the processes it stops, you will need to run security scans to remove any malware found. These settings will remain until the computer is rebooted, for this reason you must run your security applications before the computer is rebooted.
Please download RKill and install it.
When RKill has finished running a log will be displayed showing all of the processes that were terminated by RKill.
Attention: At this time you need to run your security applications listed below.
While RKill is running you may see a message from the malware stating that the program could not be run because it is a virus or is infected. This is the malware trying to protect itself. Two methods that you can try to get past this and allow RKill to run are:
1) Rename Rkill so that it has a .com extension.
2) Download a version that is already renamed as files that are commonly white-listed by malware. The main Rkill download page contains individual links to renamed versions.
After the application has run successfully and you have run the requested scans you should reboot the computer to restore the processes and Windows Registry entries.
Please download Malwarebytes Anti-Malware 2.2.
1) Double-click on mbam-setup.exe, then click on Run to install the application, follow the prompts through the installation.
2) Malwarebytes will automatically open, click on Update Now to update to the newest definitions.
3) Click on Settings, when Settings opens click on Detection and Protection, then under Non-Malware Protection, click on the down arrow for PUP (Potentially Unwanted Programs) detections and select Treat detections as malware. Under Detection Options place a check in the box for Scan for rootkits
4) Click on Scan (next to Settings), then click on Scan Now. The scan will automatically run now.
5) When the scan is complete the results will be displayed. Click on Delete All.
6) Please post the Malwarebytes log.
To find the Malwarebytes log do the following. Copy and paste the log in your topic.
*Open Malwarebytes Anti-Malware.
*Click the Scan Tab at the top.
*Click the View detailed log link on the right.
*Click Copy to Clipboard at the bottom...come back to this thread, click Add Reply, then right-click and choose Paste.
*Alternatively, you can click Export and save the log as a .txt file on yout Desktop or another location.
*Be sure to post the complete log to include the top portion which shows MBAM's database version and your operating system.
Please download AdwCleaner and install it.
When AdwCleaner opens click on Scan to start the scan.
Once the search is complete a list of the pending items will be displayed. If you see any which you do not want removed, remove the check mark next to it.
If there are no malicious programs are found you will receive a message informing you of this.
Click on Clean to remove the selected items. If you have any questions about any items in the list please copy and paste the list in your topic so we can review it.
You will receive a message telling you that all programs will be closed so that the infections can be removed. Click on OK. The computer will be restarted to complete the cleaning process.
When the cleaning process is complete a log of what was removed will be presented. Please copy and the paste this log in your topic.
Please run the ESET OnlineScan
This scan takes quite a long time to run, so be prepared to allow this to run
till it is completed.
***Please note. If you run this scan using Internet Explorer you won't need
to download the Eset Smartinstaller.***
ESET Online Scanner
- Click here to download the installer for ESET Online Scanner and save it to your Desktop.
- Disable all your antivirus and antimalware software - see how to do that
- Right click on esetsmartinstaller_enu.exe and select Run as Administrator.
- Select Enable detection of potentially unwanted applications.
- Click Advanced Settings, then place a checkmark in the following:
- Remove found threats
- Scan archives
- Scan for potentially unsafe applications
- Enable Anti-Stealth technology
- Click Start to begin scanning.
- ESET Online Scanner will start downloading signatures and scan. Please be patient, as this scan can take quite some time.
- If threats are found click on Save to text file in Documents.
- Open Documents, find the report, copy and paste it in your topic.
Edited by dc3, 25 August 2017 - 12:35 PM.