I just finished running Combofix, and everything seems to be back to normal.
Thank you. You can end the thread if you want. However, I recommend that you do the following:
[1] I checked the Combofix log.
[2] Advising you that you have 2 antivirus programs, neither of which was disabled when you ran Combofix.
[3] Leaving the following tools for whichever AV program you choose to uninstall- because:
[o] Multiple antivirus programs can make you more vulnerable
[o] Multiple AV programs can slow the system down.
Boot into Safe Mode to uninstall AV
- Restart your computer and start pressing the F8 key on your keyboard.
- Select the Safe Mode option when the Windows Advanced Options menu appears, and then press ENTER.
Uninstall Avira AntiVir Personal software: click Start> go to Settings or to System Administration Software> select the Avira AntiVir> Click on Remove.
OR
Uninstall Spyware Doctor with AntiVirus: Start> Programs> Spyware Doctor> Uninstall Spyware Doctor.
Use Windows Explorer to navigate to C:\Program Files and right click> Delete the folder for the AV program you have uninstalled.
Reboot back into Normal Mode when finished.
[4] Stop Real Time Protection before doing ANY of the scans:
IF you keep Spyware Doctor: You should also temporarily disable PCTools Browser Monitor: If you are running Internet Explorer, click Tools> Manage Add-ons. If PCTools Browser Monitor is on the list, click it & select Disable. You will need to restart your browser after making the change.
[5] There are some tmp files in the Combofix report that shouldn't be there. If they still show after running the following, I'll have you move them. Please run TFC (Temp File Cleaner):
- Download TFC to your desktop.
- Open the file and close any other windows.
- It will close all programs itself when run; make sure to let it run uninterrupted.
- Click the Start button to begin the process. The program should not take long to finish its job.
- Once it's finished it should reboot your machine. If not, do this yourself to ensure a complete clean.
TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies. TFC will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.
[6] Delete the Combofix report on the desktop.
Rerun Combofix with all security off per instructions:
Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
[7] Run the Eset Online scanner:
Run Eset NOD32 Online AntiVirus Scanner HERE
Note: You will need to use Internet Explorer for this scan.
- Tick the box next to YES, I accept the Terms of Use.
- Click Start
- When asked, allow the ActiveX control to install
- Disable your current Antivirus software. You can usually do this with its Notification Tray icon near the clock.
- Click Start
- Make sure that the option "Remove found threats" is Unchecked, and the option "Scan unwanted applications" is checked
- Click Scan
- Wait for the scan to finish
- Re-enable your Antivirus software.
- A logfile is created and located at C:\Program Files\EsetOnlineScanner\log.txt. Please include this in your post.
[8] Rescan with HijackThis.
Attach new Combofix report, Eset scan and new HJT log to your next reply.
When the system has been cleaned, I will have you remove all of the cleaning tools and old restore points.