This could be all sorts of infections. Prior to posting a HJT log you could do the following :
Please download RogueRemover
and save to your Desktop.
* Extract (unzip) the file to a convenient location such as C:\RogueRemover.
for information on how to do this if not sure. Win 9x/2000 users click here
. A ZIP file requires an unzipping utility. If you need one, download 7zip
* Navigate to the folder you unzipped the files to.
* Double click on the file named RogueRemover.exe.
* Select "Scan" and the program will walk you through the remaining steps.
If your running Win XP/2000, download and scan with AVG Anti-Spyware 7.5
in "SAFE MODE"
(This is Ewdio 4.0 renamed. If you already have Ewido installed, please update to this version which has a special "clean driver" for removing persistent malware.) Be sure to print out and follow the AVG Anti-Spyware Install-Scan Instructions.
After that, download DrWeb-CureIt
& save it to your desktop. DO NOT perform a scan yet.
Reboot your computer in SAFE MODE
using the F8 method.
Scan with DrWeb-CureIt as follows:
* Double-click on drweb-cureit.exe to start the program. An "Express Scan of your PC" notice will appear.
* Under "Start the Express Scan Now", Click "OK" to start. This is a short scan that will scan the files currently running in memory and when something is found, click the Yes button when it asks you if you want to cure it.
* Once the short scan has finished, Click Options > Change settings
* Choose the "Scan tab" and UNcheck "Heuristic analysis"
* Back at the main window, click "Select drives" (a red dot will show which drives have been chosen)
* Then click the "Start/Stop Scanning" button (green arrow on the right) and the scan will start.
* When done, a message will be displayed at the bottom advising if any viruses were found.
* Click "Yes to all" if it asks if you want to cure/move the file.
* When the scan has finished, look if you can see the icon next to the files found. If so, click it, then click the next icon right below and select "Move incurable".
(This will move it to the C:\Documents and Settings\userprofile\DoctorWeb\Quarantine folder if it can't be cured)
* Next, in the Dr.Web CureIt menu on top, click file and choose save report list.
* Save the DrWeb.csv report to your desktop.
* Exit Dr.Web Cureit when done.
* Important! Reboot your computer because it could be possible that files in use will be moved/deleted during reboot.
Please run a BitDefender
- Click I Agree to agree to the EULA.
- Allow the ActiveX control to install when prompted.
- Click Click here to scan to begin the scan.
- Please refrain from using the computer until the scan is finished. This might take a while to run, but it is important that nothing else is running while you scan.
- When the scan is finished, click on Click here to export the scan results.
- Save the report to your desktop so you can post it in your next reply.