NoirEvanc
Welcome to the forum
Step 1.Getting Hijackthis and installing it correctlyClick here to download
HJTsetup.exe• Save
HJTsetup.exe to your desktop.
• Double click on the
HJTsetup.exe icon on your desktop.
• By default it will install to
C:\Program Files\Hijack This.
• Continue to click
Next in the setup dialogue boxes until you get to the
Select Addition Tasks dialogue.
• Put a check by
Create a desktop icon then click
Next again.
• Continue to follow the rest of the prompts from there.
• At the final dialogue box click
Finish and it will launch Hijack This.
• Click on the
Do a system scan and save a log file button. It will scan and then ask you to save the log.
• Click
Save to save the log file and then the log will open in notepad.
• Click on "
Edit >
Select All" then click on "
Edit >
Copy" to copy the entire contents of the log.
•
Paste the log in your next reply.
• If you haven't already posted then start a new thread in the
Virus/Trojan/Spyware/Malware forum
•
DO NOT have Hijack This fix anything yet. Most of what it finds will be harmless or even required.
__________________________________________________________________________________
Step 2Please Boot to Safe Mode with Networking...Please download and run the below tool named Rkill There are 4 different versions. If one of them won't run then download and try to run the other one.
Vista and
Win7 users need to right click
Rkill and choose Run as AdministratorYou only need to get one of these to run, not all of them. You may get warnings from your antivirus about this tool, ignore them or shutdown your antivirus.
*
Rkill.com*
Rkill.scr*
Rkill.pif *
Rkill.exe * Double-click on the
Rkill desktop icon to run the tool.
* If using
Vista or
Windows 7 right-click on it and choose Run As Administrator.
* A black DOS box will briefly flash and then disappear. This is normal and indicates the tool ran successfully.
*
If not, delete the file, then download and use the one provided in
Link 2.
* If it does not work, repeat the process and attempt to use one of the remaining links until the tool runs
(it can take a few trys to get it to run).
*
Do not reboot until instructed.
* If the tool does not run from any of the links provided, please let me know.
__________________________________________________________
Step 3How to run a scan with Malwarebytes' Anti-MalwareDownload Malwarebytes' Anti-Malware from
HereDouble Click
mbam-setup.exe to install the application.
* Make sure a checkmark is placed next to
Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click
Finish.
* If an update is found, it will download and install the latest version.
* Once the program has loaded, select "
Perform Quick Scan", then click
Scan.
o If the program won't start, go to MBAM's program folder (
normally C:\Program Files\Malwarebytes' Anti-Malware), rename
mbam.exe to a random file name (
keep the .exe extension) and double-click on it to start the program.
* The scan may take some time to finish,so please be patient.
* When the scan is complete, click
OK, then
Show Results to view the results.
* Make sure that
everything is checked, and click
Remove Selected.
* When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note Below)
* The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.
Troubleshooting MBAM ProblemsSome malware targets Malwarebytes' Anti-Malware and other cleaning tools to prevent you from using them to clean your system.
Unable to Run MBAMIf you attempt to run the installer for MBAM and it won't run, or starts and closes, using Windows Explorer go to the folder you saved the install program and try renaming it to one of the following file names: * iexplore.exe
* explorer.exe
* userinit.exe
* winlogon.exe
* mbam.scrThen double-click on the renamed file to try to run it. If that doesn't work, try one of the other file names above. If you are still unable to run the MBAM installer, then download and run this program to try to kill the malware process:
Poll
