Posted 13 April 2011 - 12:13 PM
Dear Malware Slayers,
Please help. I run Window 7 (64bit). Yesterday I uploaded a photo to a trusted internet site, but soon after I got a Fast Windows Antivirus 2011 pop up saying I was infected. I knew this was scare ware and immediately unplugged my computer from the internet. I had to plug back in for a few seconds so that MBAM could update the database file, but I unplugged as soon as it was done. Then I ran MBAM and AVG, but neither found any infections. I did some research from another (clean) computer and found a forum post and downloaded, installed and ran the following (while offline); ProcessExplorer (did not find any offending processes); FixExe.reg; RKill; and a new copy of MBAM. I ran each in a specified order. Rkill did not appear to find any culprets. MBAM did not find any infections. After this I plugged back in to the Internet and did not notice any more scareware popups. Everything seems to run fine. I then Ran Full disc scans in AVG and then MBAM again. I also Ran the online ESET scanner too. All came up clean.
Here are the things and changes I did notice. When I go to "computer" in windows explorer, the C drive is now named a random chain of characters. In addition, there are three new folders in the root named with a random chain of characters. In each of these new folders are MRT.exe files (Microsoft Malware removal tool?). I never noticed these files or folders before.
Although I have not notice any performance issues since yesterday, I would really like to know if my machine is clean or if there is a dormant Rootkit inside the laptop. can you help?