Do you have the Security Check log that you can post?
One thing you need to do is go to your Windows Mail and empty your Deleted Items folder.
I see you have an outdated and vulnerable version of Java installed. Do you actually require Java (most people don't). I recommend you go to Start > Control Panel > Programs and Features, and uninstall the following:Java(TM) 6 Update 24
If you have a program or web site that requires it, you can reinstall it later.
Please download Malwarebytes Anti-Rootkit here:
- Unzip the contents to a folder on the Desktop.
- Open the folder where the contents were unzipped and run mbar.exe ( right-click and select Run as administrator for Vista and Windows 7).
- Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
- Click on the Cleanup button to remove any threats and reboot if prompted to do so.
- Wait while the system shuts down and the cleanup process is performed.
- Please post the two logs produced.
Please note: This tool is still in BETA mode, so please ensure you have backed up any important files.
Please download Junkware Removal Tool
to your Desktop.
- Disconnect from the Internet (unplug your connection to your router or modem).
- Please close your security software to avoid potential conflicts.
- Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
- The tool will open and start scanning your system.
- Please be patient as this can take a while to complete, depending on your system's specifications.
- On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
- Restart your security software and reconnect to the Internet.
- Please post the contents of JRT.txt into your reply.
Download the Sophos Virus Removal Tool
and save it to your desktop:
- Be sure to view the 3 short How-to videos on that page.
- Double-click Sophos Virus Removal Tool.exe. The installation files will extract and the installer will automatically run.
- Follow the prompts to accept the license agreement, and accept the default location.
- A message will appear "InstallShield Wizard Completed".
- Click 'Finish' to start the program.
- After it updates and a "Start Scanning" button appears in the lower right:
-- Disconnect from the Internet or physically unplug you Internet cable connection.
-- Close all open programs, scheduling/updating tasks and background processes that might activate during the scan including the screensaver.
-- Temporarily disable your anti-virus and real-time anti-spyware protection.
- Click the "Start Scanning" button in the lower right to start the scan.
- After starting the scan, do not use the computer until the scan has completed.
- When finished, if it detected anything there will be a "Start Clean-up" button, click it and allow it to finish.
- When finished, re-enable your anti-virus/anti-malware (or reboot) and then you can reconnect to the Internet.
- A log will be in the following location:
- Vista and above: C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
--for 64-bit C:\Program Files (x86)\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
- 2000/XP/Server 2003: C:\Documents and Settings\All Users\Application Data\Sophos\Sophos Virus Removal Tool\Logs\SophosVirusRemovalTool.log
- Please post the log in your next reply.
After that, please follow these instructions to run ComboFix.exe. Please visit this webpage for download links and instructions for running this tool:How to use ComboFix
* Ensure you have disabled all anti virus and anti malware programs so they do not interfere with the running of ComboFix (CF).
Please go here
to see a list of programs that need to be disabled.
**Note: Do not mouseclick ComboFix's window while it's running. That may cause it to stall.**
**Note 2: If you get a message saying "Illegal operation attempted on a registry key that has been marked for deletion", please restart your computer.**
Please include the log at C:\ComboFix.txt in your next reply and note any errors encountered.
Please post the two logs from Malwarebytes Anti-Rootkit, the log from Junkware Removal Tool, the log from Sophos Virus Removal Tool, the log from ComboFix, and the log from Security Check and note any errors encountered.--
Proud ASAP member since 2005
Microsoft MVP/Consumer Security 2009-2010