hijacked hompage

HI :wave Could you please also upload the MGlogs.zip located on your C drive upon your next visit to the forum?

Thanks
Kes13!

 

Hi Shrap

1) Please go to Add and Remove Programs and uninstall the following software:

2) Now we need to use ComboFix to remove a bunch of malware files.

• Make sure that combofix.exe that you downloaded while doing the READ & RUN ME is on your Desktop but Do not run it!
• If it is not on your Desktop, the below will not work.
• Open Notepad and copy/paste the text in the below code box into it (make sure you scroll all the way down in the code box to get all lines selected ):

Code:

KILLALL::



File::
C:\WINDOWS\system32\rkgtocweypboxw.exe
C:\WINDOWS\system32\awtsPIxx.dll.vir


Folder::
C:\Program Files\XoftSpySE

• Save the above as CFscript.txt and make sure you save it to the same location (should be on your Desktop) as ComboFix.exe
• At this point, you MUST EXIT ALL BROWSERS NOW before continuing!
• You should have both the ComboFix.exe and CFScript.txt icons on your Desktop.
• Now use your mouse to drag CFscript.txt on top of ComboFix.exe
• Follow the prompts.
• When it finishes, a log will be produced named c:\combofix.txt
• I will ask for this log below

Note:

Do not mouseclick combofix's window while it is running. That may cause it to stall.


3) Now Run Ccleaner!

4) Now run the C:\MGtools\GetLogs.bat file by double clicking on it. Then attach the new C:\MGlogs.zip file that will be created by running this and also attach the log from combofix



Be sure to tell us how things are running.