There was an application that appeared called 1Click Download that looked a lot like a fake anti malware program (making false claims and etc.)
I took these steps:
1. I immediately shut off my computer
2. went into safe mode w/ networking
3. checked if they changed my lan settings on my web browser
4. downloaded rkill in the explorer.exe renamed format
5. reinstalled malwarebytes and scanned
6. Rkill found nothing to terminate and malwarebytes also found nothing
7. I also ran TDSSkiller in safe mode but the results came out as the false positives and results that were brought up before i downloaded this malware.
- I found a new file in my Program Files (x86) and it was named 1ClickDownload with one .exe file inside. (I deleted that)
- I also found a restore point for the day before I installed this so I went ahead and restored.
I just wanna know if I should be safe or if I should run more scans and tests?
Computer seems to be running fine and normal (even before I restored)
Also is it possible this malware could have stolen some my passwords?
I had a few remembered passwords and I was logged in an account or two when I got the malware.
Otherwise since then I haven't entered a password and I also deleted all my history and remembered passwords through my web browser.
Is it possible to steal a password that wasn't saved or remembered during the malware but I had saved it and logged into the account before the malware happened?
- I just wanna know what steps I can take to ensure my computer is safe to use again for personal use and to ensure its malware-free.
I've looked everywhere about information regarding this virus but I haven't found a solution..
Thanks in advance!
Edited by Super14, 14 August 2012 - 12:10 AM.