I was wondering if you could maybe help me out / provide some expert advice. Yesterday evening I noticed that somehow 'Antimalware Doctor' managed to install itself. Since I removed it some months ago for a friend, I recognized it as malware so I downloaded Super Antispyware to remove it. SAW detected Antimalware and removed it, along with some tracking cookies but nothing serious. When scanning with Microsoft Security Essentials this evening; two additional infections were found and removed:
What was strange was that during the scan, I found out that Meredrop was installed in c:\users\mark\appdata\local. During the scan I removed all files from this folder (after MSE already deleted Meredrop), so the directory was now completely empty. However, 10 minutes later MSE again detected and removed Meredrop from the same folder; showing I think that at least one other trojan or dropper is still active.
After I completed the full scan, I executed an additional quick scan to ensure nothing was in memory. All seemed fine, and I rebooted my computer, hoping that everything was solved now. However, after reboot I got browser redirects (opening link through google would redirect to random spam-sites) and Microsoft Security Essentials opened and directly closed. After another reboot everything seems fine again (this is when posting this message), but I guess something is definitely still active. Could you help me out on how to proceed?
Some additional info: using Windows 7 pro, 32bit, and consider myself a quite advanced user (usually I'm the one helping out others ;-)); however, I ran a Hijacklog check myself and couldn't find anything strange.
Edited by Pewima, 21 March 2011 - 02:20 PM.