Please do this first:
1.
TFC (Temp File Cleaner)
Download
TFC to your desktop
- Open the file and close any other windows.
- It will close all programs itself when run, make sure to let it run uninterrupted.
- Click the Start button to begin the process. The program should not take long to finish its job
- Once its finished it should reboot your machine, if not, do this yourself to ensure a complete clean
TFC only cleans temp folders. TFC will not clean URL history, prefetch, or cookies. Depending on how often someone cleans their temp folders, their system hardware, and how many accounts are present, it can take anywhere from a few seconds to a minute or more. TFC will completely clear all temp files where other temp file cleaners may fail.
TFC requires a reboot immediately after running. Be sure to save any unsaved work before running TFC.
TFC (Temp File Cleaner) will clear out all temp folders for all user accounts (temp, IE temp, java, FF, Opera, Chrome, Safari), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder.
2.Then run a full system
scan with your AV. Save the log and include it in next reply.
3.
Run Combofix:
Please download ComboFix
HERE:
- With ComboFix, at the download window, please rename it to Combo-Fix(.exe) before downloading it.
- Please disable all security programs, such as antiviruses, antispywares, and firewalls. Also disable your internet connection.
- Run Combo-Fix.exe and follow the prompts.
(Understand that things like your system clock changing and your desktop disappearing might happen. Do not worry, because all will be restored later.)
- Wait for the scan to be completed.
- If it requires a reboot, please do it.
• After the scan has completed entirely, please post the log here. The log will be located at C:\ComboFix(.txt)
Do not click on the ComoboFix window, as it may cause it to stall.
CF disconnects your machine from the internet. The connection is automatically restored before CF completes its run. If CF runs into difficulty and terminates prematurely, the connection can be manually restored by restarting your machine.
4.
Run Hijackthis Instructions
* Only do this step after completing the previous steps
* Make sure you have the LATEST version of HJT (currently v2.0.2) it can be downloaded from HERE
* Run the HijackThis Installer and it will automatically place HJT in C:\Program Files\TrendMicro\HijackThis\HijackThis.exe. Please don't change the directory.
* After installing, the program launches automatically, select Scan now and save a log
* After the scan is complete please attach your logs onto the forums
Attachments should be:
HijackThis log
Antivirus log
Combofix report
