. My name is Michael and I am here to help you fix your computer
. If you have already received help elsewhere please inform me so that this topic can be closed.
If you haven't, please keep reading:Note:
Before we start the process you should:
- POST your logs, don't attach them, as it makes it harder to read.
- Save or print these instructions as a part of the fix will be in safe mode where you will not be able to access the internet.
- Disable ANY programs that offer real-time protection features while executing my instructions. That includes your antivirus, antispyware, windows defender or any other program that offers protection. When you're clean or waiting for my next set of instructions, re-enable them .If you need any help disabling them, ask.
- Each time I instruct you to download a file to use it, please do it even if I have told you before to download it again. This is because these tools are frequently updated to detect newer infections.
- Last, as most of the tools we use here need administrative rights in order to function properly, I expect that you will be running them from an administrator account.
Sorry for the late replay
Hi lets try this first, if it fails go to Plan BNotes:
- If using Firefox right-click on any download links and choose Save As
- If you don't have internet access from the infected computer, then download these tools from a clean computer to your USB Stick, and from there transfer them to your infected computer's desktop.
Please download OTH
to your desktop
Please download OTL
to your desktop
Please download Scan.txt
to your desktop
Double click the OTH file to run it and click Kill All Processes
, your desktop will go blank.
Then select Start OTL
. OTL will now run
- Double-click on the Custom Scans box and a message box will popup asking if you want to load a custom scan from a file
Select Scan.txt that you downloaded
- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Click the Internet Explorer button, post these logs in your Virus Removal topic.
Download Rkill from here : there are several flavours to choose from, if one does not work then try the next*rkill.com*rkill.scr*rkill.pif
Once it is downloaded, double-click on rkill
in order to automatically attempt to stop any processes associated with Security Central and other Rogue programs. Please be patient while the program looks for various malware programs and ends them. When it has finished, the black window will automatically close and you can continue with the next step. If you get a message that rkill is an infection, do not be concerned. This message is just a fake warning given by Security Central when it terminates programs that may potentially remove it. If you run into these infections warnings that close Rkill, a trick is to leave the warning on the screen and then run Rkill again. By not closing the warning, this typically will allow you to bypass the malware trying to protect itself so that rkill can terminate Security Central . So, please try running Rkill until malware is no longer running. You will then be able to proceed with the rest of my instructions.
Do not reboot your computer after running rkill as the malware programs will start again.
Then run OTL as above