|Check the following, and then run the program below:|
Open Internet Explorer
Go to Tools, Internet Options, Connections, LAN settings
In the LAN settings prompt, make sure it is set to:
Automatically detect settings
Also check the Hosts file:
(Open it in Notepad)
Sample Hosts file:
# Copyright (c) 1993-2009 Microsoft Corp.
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
# For example:
# 126.96.36.199 rhino.acme.com # source server
# 188.8.131.52 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
Check to see there are no entries added by malware.
Then, do the following:
Run the Kaspersky Virus Removal Tool:
Right-click and select: Run as administrator, if the option is available. If not, double-click the file to run the program.
When it starts, to the right of 'Security Level' click 'Recommended', and select: Settings
-In the window that opens (Autoscan), in the ‘Scope’ tab, place a checkmark to the left of: 'Parse email formats'.
-Click the ‘Additional tab’ and click to place a checkmark by ’RootKit Scan’, and ‘Deep Scan‘, then click OK.
Select all the drives to scan, except for CD-ROM drives, and click the ‘Start Scan’ button
If malware is detected, place a checkmark in the ‘Apply to all’ box, and click the ‘Delete’ button (or 'Disinfect' if the button is active).
After the scan finishes, if any threat remains in the Scan window (Red exclamation point), click the ‘Neutralize all’ button.
In the window that opens, place a checkmark in the ‘Apply to all’ box, and click the ‘Delete’ button (or Disinfect if the button is active).
If advised that a special disinfection procedure is required which demands system reboot: click the OK button to close the window.
In the Scan window click the ‘Reports’ button and select ‘Save to file‘.
Name the report 'kvrt.txt', and save it to the Desktop.
Close the program.
Please copy/paste the report (of Detected malware) in your reply.
Retired - Doin' Dis, Dat, and slapping malware.