NOTE: Do not reply to threads after an HJT log has been requested by a helper and it has been posted. Doing so will result in a warning.

If you are infected, please follow these guidelines:

1. Run a full system scan with your antivirus. Make sure it is up to date.

2. Download and install either/all of the following:

Spybot Search and Destroy
Ad-Aware
Malwarebytes' AntiMalware

Run a full scan with either/all. Let them remove anything they find.

3. Clear your temp file with ATF Cleaner:
Click here to download ATF-Cleaner by Atribune. Save it to your desktop.

• Double-click ATF-Cleaner.exe to run it.
• Under 'Main' check the 'Select All' box.
• Press the 'Empty Selected' button.
  • If you use Firefox browser:
    • Click Firefox at the top and then check the 'Select All' box.
    • Press the 'Empty Selected' button.
    • Note: If you wish to keep your saved passwords, click No at the prompt.

• If you use Opera browser:
  • Click Opera at the top and then check the 'Select All' box.
  • Press the 'Empty Selected' button.
  • Note: If you wish to keep your saved passwords, click No at the prompt.

• Click 'Exit' on the Main menu to close the program.

4. Do this if the above steps don't help you remove the infection entirely:

• Download HijackThis from TrendMicro.
• Install it and run it.
• Click Do a system scan and save log file
• When the Notepad pops up, copy and paste the contents of the log into a new thread that you make on CEH ( to be more specific, here. Title the thread [HJT log][your problem].
  • An example of such a thread would be:
• Do NOT fix anything it finds there yet, as most of the entries listed in the log are legit and necessary for a smooth and stable running of your system.

This makes it easier on the HJT Team to identify people who are in need of help.

========================================​===============================

Once a helper has jumped into the thread, do NOT post until the helper has given the ALL CLEAN or cannot help the user, as incorrect and/or amateur actions can damage your computer even more.

Official CEH HJT Helpers

• Harvey
• Sephiroth
• Steppen Wolf
• Yin
  

========================================​================================
Once you are clean (your HJT Helper will announce it), there are a few steps you can do to prevent reinfection. For that, read my guides listed above.

Additional links:

• Sandbox, HIPS, Virtualization, & System Hardening Apps
• Online Web Scanners
• Malware Tools
• Security Programs Update Thread
• Microsoft Update & Windows Update & Microsoft Office Update
• Malware Databases
• Compilation of White Hat Guides