redo the MBAM scan for a start and get it to remove all the bad things it found.
And edit your post, you dont have to reply to yourself.
EDIT|||||
You dont have a firewall or antvirus, no wonder you got infected.
Please download
VundoFix.exe to your desktop.
- Double-click VundoFix.exe to run it.
- Click the Scan for Vundo button.
- Once it's done scanning, click the Remove Vundo button.
- You will receive a prompt asking if you want to remove the files, click YES
- Once you click yes, your desktop will go blank as it starts removing Vundo.
- When completed, it will prompt that it will reboot your computer, click OK.
- Please attach the contents of C:\vundofix.txt
Note: It is possible that VundoFix encountered a file it could not remove.
In this case, VundoFix will run on reboot, simply follow the above instructions starting from "Click the
Scan for Vundo button." when VundoFix appears at reboot.
Please Download
VirtumundoBeGone by secured2k
- Save the file to your desktop
- Close all running programs (including your Internet Browser)
- Double-click VirtumundoBeGone.exe on the desktop
- Read the introductory information, and then click Continue
- Click Start
- When asked if you want to continue, click Yes to run the fix
- Click "Save Log"
Note: It is normal for the the fix to terminate by producing a
BLUE SCREEN OF DEATH so don't be concerned when this happens. It requires you to manually reboot to restore your normal windows desktop.
The log created by VirtumundoBeGone called
VBG.TXT will be on located on your desktop. Please retain VBG.TXT.
Empty Recycle Bin.
Reboot and "attach" the VBG.TXT into this thread.
Also please describe how your computer behaves at the moment.
Please download
SmitfraudFix (by
S!Ri)
Double-click
SmitfraudFix.exe.
Select option #1 -
Search by typing
1 and press "
Enter"; a text file will appear, which lists infected files (if present).
Please attach that report into your next reply.
**If the tool fails to launch from the Desktop, please move SmitfraudFix.exe directly to the root of the system drive (usually C:), and launch from there.
Note :
process.exe is detected by some antivirus programs (AntiVir, Dr.Web, Kaspersky) as a "RiskTool"; it is not a virus, but a program used to stop system processes. Antivirus programs cannot distinguish between "good" and "malicious" use of such programs, therefore they may alert the user.
http://www.beyondlogic.org/consulting/proc...processutil.htm
Please download ONE of the following antivirus programs and install it.
Once installed, Update it, run full system scan with it and allow it to fix up what it wants.
Reboot if it fixed anything.
You should get a firewall as well, either, these firewalls are all free,
After all of these, and only after, run HijackThis again and post a fresh log.