Hi, DHS1014. Welcome to LandzDown Forum.
We will do our best to assist you. However, in order to do so, please follow all instructions provided in the sequence given. Do not install/re-install any programs or run any fixes or scanners that you have not been instructed to use. This may cause conflicts with the tools being used in the cleanup process.
If you have questions regarding any of the instructions or problems running any tools, please let us know.
1. Please restart the computer in Safe Mode with Networking
. (To do this, turn your computer off and then back on and immediately when you see anything on the screen, start tapping the F8 key on your keyboard. Using the arrow keys on your keyboard, select Safe Mode with Networking and press Enter on your keyboard. Windows will now boot into safe mode with networking and prompt you to login as a user.)
2. Please download rkill from one of the following links and save to your Desktop:Note
: DHS1014, if you are not able to connect using Safe Mode with Networking, download RKill to a flash drive and move it to the desktop of the infected computer.One
- Double-click rkill to run.
- A command window will open then disappear upon completion, this is normal.
- Please leave rkill on the Desktop until otherwise advised.
- Do NOT restart your computer after running rkill as the malware program(s) will start again.
If you you receive security warnings about rkill, please ignore and allow the download to continue.
3. To give you a bit of breathing space, try running Malwarebytes again after running rkill as follows:
** Note **
- Launch Malwarebytes' Anti-Malware then click the Update tab and "Check for Updates
- Once the update has been installed and the program has loaded, select Quick scan
- When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, EXCEPT items in System Restore as shown in this sample:
- Click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See the Note below)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
- Please post contents of that file in your next reply.
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK
to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.Note
: If you need to restart the computer, if you still cannot connect in normal mode, try Safe Mode with Networking again.
4. Download DDS.scr
by sUBs from one of the following links and save it to your desktop.Link 1Link 2
- Double-Click dds.scr and a command window will appear. This is normal
- Shortly after two logs will appear, DDS.txt & Attach.txt
- A window will open instructing you save & post the logs
- Save the logs to a convenient place such as your desktop
- Copy the contents of both logs & post in your next reply
5. Download Security Check
by screen317 from here
- Save it to your Desktop.
- Double click SecurityCheck.exe and follow the onscreen instructions inside of the black box.
- A Notepad document should open automatically called checkup.txt; please post the contents of that document.
Both DDS.txt and Attach.txt
Please be also confirm if you can connect to the Internet normal or Safe Mode with Networking.