Welcome to TechSpot spuratic. I will help with the malware. I do ask though that you stay within out instructions, which you appear not to have read.
I have downloaded many programs that ive read here...here are some reports.
Each forum has their own set of steps for preliminary malware removal. Ours can be found here:
https://www.techspot.com/community/...lware-removal-preliminary-instructions.58138/
Ive read conflicting information on how to remove this and what to use
This is because each fix is customized to the system it is 'fixing' and the malware that needs to be removed. And you will need to be patient.
Your searches are being routed through a site in the Ukraine. I'm going to move some of the malware and then set up steps for you to follow:
Please download
OTMovit by Old Timer and save to your desktop.
- Double-click OTMoveIt3.exe to run it. (Vista users, please right click on OTMoveit3.exe and select "Run as an Administrator")
- Copy the file paths below to the clipboard by highlighting ALL of them and pressing CTRL + C (or, after highlighting, right-click and choose Copy):
Code:
:Processes
c:\users\spuratic\ntuser.dat{56471034-32db-11df-97eb-001b38b0739e}.TM.blf
:Services
:Reg
:Files
C:\Users\spuratic\AppData\Local\Temp\Windows-Update-KB327462-x86-ENU.exe
C:\Users\spuratic\AppData\Local\Temp\nspF49D.tmp\nsF5D6.tmp
C:\Users\spuratic\AppData\Local\Temp\mrt.exe
C:\Users\spuratic\AppData\Local\Temp\Mkh.exe
c:\windows\system32\YoItzVlad22222.tmp
c:\windows\system32\Fubar.tmp
C:\__MACOSX
:Commands
[purity]
[emptytemp]
[start explorer]
[Reboot]
- Return to OTMoveIt3, right click in the "Paste Instructions for Items to be Moved" window and choose Paste.
- Click the red Moveit! button.
- A log of files and folders moved will be created in the c:\_OTMoveIt\MovedFiles folder in the form of Date and Time (mmddyyyy_hhmmss.log). Please open this log in Notepad and post its contents in your next reply.
- Close OTMoveIt3
If a file or folder cannot be moved immediately you may be asked to reboot the machine to finish the move process. If you are asked to reboot the machine choose
Yes.
==============================
When you have finished, run both of the following:
Malwarebytes' Anti-Malware
- Please download Malwarebytes' Anti-Malware from from HERE
- Double-click mbam-setup.exe and follow the prompts to install the program.
- At the end, be sure a checkmark is placed next to
[o] Update Malwarebytes' Anti-Malware
[o] and Launch Malwarebytes' Anti-Malware
- then click Finish.
- If an update is found, it will download and install the latest version.
- Once the program has loaded, select Perform Quick scan, then click Scan.
* When the scan is complete, click OK, then Show Results to view the results.
- Be sure that everything is checked, and click Remove Selected.[
*] When completed, a log will open in Notepad. please attach this log with your reply
[o] If you accidentally close it, the log file is saved here and will be named like this:
[o] C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\mbam-log-date (time).txt
================
SuperAntiSpyware Home Edition Free Version
- Please download SuperAntiSpyware from HERE
- Launch SuperAntiSpyware and click on 'Check for updates'.
- Wait for the updates to be installed
- On the main screen click on 'Scan your computer'.
- Check: 'Perform Complete Scan then Click 'Next' to start the scan.
- Superantispyware will now scan your computer,when it's finished it will list all/any infections found.
- Make sure everything found has a checkmark next to it,then press 'Next'.
- Click on 'Finish' when you've done.
It's possible that the program will ask you to reboot in order to delete some files.
Obtain the SuperAntiSpyware log as follows:
Click on 'Preferences'.
Click on the 'Statistics/Logs' tab.
Under 'Scanner Logs' double click on 'SuperAntiSpyware Scan Log'.
It will then open in your default text editor,such as Notepad.
Attach the notepad file here on your reply
Leave the 3 logs. There are steps 5 and 6.
I will also have you remove all the old Java versions, which are each vulnerabilities.
Please do not run any other cleaning programs unless I ask you to. Do not use a Registry cleaner or make ant changes in the Registry.