We appreciate any donations and remember we are always here for you so you can always come back and get looked at
Let's try to clean up that problem. Also you had a line in your log that was brought to my attention that was part of a specific infection. You seem to be totally clean from it but we might as well run the fix.
I promise we are about there
1) Reset your web settings...
Open Internet Explorer > Tools > Internet Options > Programs tab
Click on "reset web setting"
Please download this program, but do not run them yet
- Unzip it to your desktop.
Then open up Ewido and update the definitions.
You need to save this response as a notepad or word document on your desktop for use later when we go into safe mode (no internet access).
You can also print out this response for easy use as well
Boot into safe mode by tapping the F8 key at restart and choosing 'safe mode' from the menu, explained here if needed.
1.) Please go into the rdrivrem folder and double-click rdrivRem.bat to run the program - follow the instructions on the screen. After it's complete, rdriv.txt will be created in the rdrivRem folder.
2.) Double-click the Ewido Security Suite icon to run the program.
- Click on scanner
- Click Complete System Scan
- Let the program scan the machine
While the scan is in progress you will be prompted to clean the first infected file it finds. Choose "remove", then put a check next to "Perform action on all infections" in the left corner of the box so you don't have to sit and watch Ewido the whole time. Click OK.
Once the scan has completed, there will be a button located on the bottom of the screen named Save report
- Click Save report
- Save the report to your desktop
- Exit Ewido
Reboot back into normal mode please.
Open HijackThis, click Config, click Misc Tools
Click "Open Uninstall Manager"
Click "Save List" (generates uninstall_list.txt)
Click Save, copy and paste the results in your next post.
Now we need these logs from you:
1) The uninstall_list.txt that you just made.
2) The rdriv.txt file from the rdrivRem folder
3) A new HJT log
4) The Ewido log
Thanks for your patience,