Hello.
- Open HijackThis
- Choose "Do a system scan only"
- Check the boxes in front of these lines:
O2 - BHO: (no name) - {15f20e38-ea1f-4407-a005-3b868f2a9b75} - C:\WINDOWS\system32\nahuhiju.dll
O4 - HKLM\..\Run: [autochk] rundll32.exe C:\WINDOWS\system32\autochk.dll,_IWMPEvents@16
O4 - HKLM\..\Run: [wegafisuji] Rundll32.exe "C:\WINDOWS\system32\susonuno.dll",s
O4 - Startup: ChkDisk.dll
O4 - Startup: ChkDisk.lnk = ?
O21 - SSODL: SSODL - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\kofipulo.dll (file missing)
O22 - SharedTaskScheduler: STS - {EC43E3FD-5C60-46a6-97D7-E0B85DBDD6C4} - c:\windows\system32\kofipulo.dll (file missing)
O23 - Service: Symantec Lic NetConnect service (CLTNetCnService) - Unknown owner - C:\Program Files\Common Files\Symantec Shared\ccSvcHst.exe (file missing)
- Press "Fix Checked"
- Close Hijack This.
Please download the
LSPfix from here:
LSPFixUnzip it to the
Desktop (Important!!) and run it. Check the box that says "
I know what I'm doing", and then select each instance of "
ntdll64.dll" in the left-hand panel and click
>> button to move it to the right-hand panel. Then click
Finish to allow
LSPfix to rebuild the LSP chain.
Please download and run this tool.
Download Malwarebytes' Anti-Malware from
HereDouble Click mbam-setup.exe to install the application.
- Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select "Perform Quick Scan", then click Scan.
- The scan may take some time to finish,so please be patient.
- When the scan is complete, click OK, then Show Results to view the results.
- Make sure that everything is checked, and click Remove Selected.
- When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note)
- The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Note:
If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts.
Click OK to either and let MBAM proceed with the disinfection process.
If asked to restart the computer, please do so immediately.Post the contents of the MBAM Log.