We need to get some tools from the internet in order to be able to clean this infection. Your best bet is to download these tools using a non-infected machine and then copy them to the infected one using a flash drive or writable CD. Let me know if this is not possible for whatever reason and we can come up with an alternate strategy.
First, download FixNCR.reg from Bleeping Computer here: http://download.bleepingcomputer.co...
Double-click on the file to run it and choose OK when prompted to import the file into the registry. This will prevent the malware from running every time you start a program.
Next, download rKill.com from Bleeping Computer here: http://download.bleepingcomputer.co...
Double-click on the file to run it. This should automatically terminate the processes belonging to the infection so that the pop-ups and other annoyances will go away and let us clean things more effectively.
Finally, download MalwareBytes from http://malwarebytes.org/mbam-downlo...
Install MalwareBytes using the default settings, allow the program to update, and run a full system scan. Once it is done, select "OK" at the message. When the list of issues that it found comes up, click on "Remove Selected". Allow the machine to reboot if it asks.
Once the machine comes back up, log in, and test out your PC and see if you are still having any issues.
If you are, download OTL from http://oldtimer.geekstogo.com/OTL.exe
Save it to your desktop and run it. Select a file age of 7 days, check the boxes marked “LOP Check” and “Purity Check”, then click on “Run Scan”. It will create 2 files that will be saved on your desktop. They should be named OTL.txt and Extras.TXT. Copy and paste the contents of both of these files into a response in here so I can review them and let you know the next steps that we will need to take.
If the machine tests fine, however, you should be good to go. Just be sure to disable System Restore and then re-enable it to ensure that the infection is not still alive in the System Restore files. Let me know if you need assistance on how to do that. Otherwise, feel free to delete or uninstall any of the tools we used and enjoy the clean PC. :)
IT Desktop & Network Consultant - MOS Master Certified, MCP, MCITP - Windows 7, CCNA Certificate Pending, A+, Network +