Sorry about the delayed response, I am having hardware problems on my laptop - trying to switch all my stuff over to a new one.
Are there any other symptoms other than the hacked by pokemon title in internet explorer?
Step 1
You should still have this program on your desktop, but if you don't, please download a fresh copy
Download Security Check from here or here.
- Save it to your Desktop.
- Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Step 2
Download OTL to your Desktop
- Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
- Select All Users
- Under the Custom Scan box paste this in
/md5start
*.vbs
/md5stop
- Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan wont take long.
- Post both the fresh Quick Scan log and the OTL fix log in your next response[\list]
Step 3
Since combofix won't run on your system, let's use another tool to have a look at your drivers and services,
Download the latest version of TDSSKiller from here and save it to your Desktop.[list] - Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
- Put a checkmark beside loaded modules.
- A reboot will be needed to apply the changes. Do it.
- TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
- Then click on Change parameters in TDSSKiller.
- Check all boxes then click OK.
- Click the Start Scan button.
- The scan should take no longer than 2 minutes.
- If a suspicious object is detected, the default action will be Skip, click on Continue.
- If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
- Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
- A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
In your next reply I would like to see:
- Checkup.txt
- OTL log and the fix log (if you don't see the fix log pop up, you can find it in the C:\_OTL\MovedFiles folder, the numbers in the file name will correspond with the date the scan was run)
- TDSSKiller log file