Malware and Virus RemovalProblems removing malware/viruses? Get help from our Malware removal experts.
Mission Statement
WindowsBBS is an online community dedicated to easily accessible technical support for those using Microsoft operating systems and other Windows software.
Our goal is to become the leading resource for computer users that require assistance with their day-to-day computer usage, including full support for networking PC's, virus & malware removal, system upgrades and general support questions.
After searching for a particular download, i found something that looked legit, and when i downloaded it, it turned out to be a virus/malware.
I have Windows OneCare and after opening the downloaded program, i got a notice that it was a "tool". So, i clicked 'Clean All' and it did, i deleted the program. Then, i noticed two icons in my system tray that were never there. And like every minute i get 2 pop-ups.
If i click the alert bubble, it loads a site, that is a fake virus scan site, and then after the fake virus scan, it says "click here to remove virus" and when i do that, OneCare pops up and says its a tool.
Download Malwarebytes' Anti-Malware (MBAM) from here or here and save the file to your desktop.
Double click mbam-setup.exe to install the application.
Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
If an update is found, it will download and install the latest version.
Once the program has loaded, select 'Perform Quick Scan', then click Scan.
The scan may take some time to finish,so please be patient.
When the scan is complete, click OK, then Show Results to view the results.
Make sure that everything is checked, and click Remove Selected.
When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Note below)
The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
Post the entire report in your next reply.
Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
Now this.
Download RSIT by random/random and save it to your desktop.
Double click RSIT.exe to start the tool.
At the disclaimer, please use the drop down box to select 3 months for the file/folder search, then click Continue.
If prompted by your firewall to allow RSIT to access the internet, please allow it. It will be updating yourr version of HijackThis.
When the scan completes it will open a log named log.txt maximized, and a log named info.txt minimized.
Please post the contents of log.txt here in your next reply along with the MBaM log.
