Windows 10: Getformsonline malware

Page 2 of 2 FirstFirst 12

  1. Posts : 13,278
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       30 Jul 2016 #11

    Two things you may wish to try. Run in safe mode & do your scans & see what that finds.

    There is a program called RKill that attempts to terminate known malware processes so they can be removed. Some malware will not be deleted if it is running in the background. After running RKill, do NOT reboot.

    RKill Download

    Note   Note
    As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again. Instead, after running RKill you should immediately scan your computer using some sort of anti-malware or anti-virus program so that the infections can be properly removed.

      My ComputerSystem Spec


  2. Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       30 Jul 2016 #12

    Hi:

    If the excellent suggestions already offered do not work, you might want to head over to one of several reputable fora specializing in computer disinfection. Specially trained malware experts will have access to additional, powerful tools, as well as the use of customized scripts. The help is free and will only cost you a bit of your time.

    (Perhaps I misunderstood your last post, but if you make a system image now, with the infection in place, you will be creating an image of the infected system, no?)

    (For the record, it's usually not recommended to run malware removal tools in Windows Safe Mode, other than as a last resort. For many such tools, such as MBAM, the scanner needs to have full access to the system and running drivers in order to work properly.)

    Just a thought,
    MM
      My ComputerSystem Spec


  3. Posts : 13,278
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       30 Jul 2016 #13

    MoxieMomma said: View Post
    (For the record, it's usually not recommended to run malware removal tools in Windows Safe Mode, other than as a last resort. For many such tools, such as MBAM, the scanner needs to have full access to the system and running drivers in order to work properly.)
    Yeah yeah, what can I say, I'm old school . Nowadays that probably is a good idea, considering how OS's/Scanners have changed.

    I'm finding it hard to believe that the tools/tips suggested haven't ferreted this out.

    Suggest you d/l & run TDSSKiller just to rule out the possibility of a rootkit. I normally suggest that anyway, but this looked like a simple PUP/Add on that should have been removed by the malware tools.

    TDSSKiller Download

    Note   Note
    When running TDSSKiller, launch the program, click on the blue text "Change Parameters" & check the box marked "Detect TDLFS File system." Click OK & then run the scan.
      My ComputerSystem Spec

  4.    30 Jul 2016 #14

    MoxieMomma said: View Post
    Hi:

    If the excellent suggestions already offered do not work, you might want to head over to one of several reputable fora specializing in computer disinfection. Specially trained malware experts will have access to additional, powerful tools, as well as the use of customized scripts. The help is free and will only cost you a bit of your time.

    (Perhaps I misunderstood your last post, but if you make a system image now, with the infection in place, you will be creating an image of the infected system, no?)

    (For the record, it's usually not recommended to run malware removal tools in Windows Safe Mode, other than as a last resort. For many such tools, such as MBAM, the scanner needs to have full access to the system and running drivers in order to work properly.)

    Just a thought,
    MM
    Post #2

    " Unfortunately to hear this, but you need a malware removal expert assistance. Please visit Malwarebytes Community Forum, and once you there please create a account if you don't have one. After you done that, please read this Im infected - What do I do now? - Malware Removal Help - Malwarebytes Forums. When you finish read them, and understands what logs to send for further assistance, please head to this Malware Removal Help section on the Malwarebytes Community Forum and post your problem. Running malware removal tools not under a supervisor can renders system unbootable, and making damage worse."


      My ComputerSystem Spec


  5. Posts : 11,223
    W10Prox64
       30 Jul 2016 #15

    RKILL
    ADWCleaner
    JRT
    Junkware Removal Tool Download
    Reset ALL browsers (not just FF)
      My ComputerSystem Spec


  6. Posts : 85
    Windows 10 64-bit
       30 Jul 2016 #16

    Also worthwhile checking your Firefox shortcut on the desktop. Right click and select properties and under the Shortcut tab check there is nothing behind "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" .

    Click image for larger version. 

Name:	shortcut.PNG 
Views:	20 
Size:	43.6 KB 
ID:	93070
      My ComputerSystem Spec

  7.    30 Jul 2016 #17

    (Perhaps I misunderstood your last post, but if you make a system image now, with the infection in place, you will be creating an image of the infected system, no?)
    Yes, I won't be making it until it's all clear.
    I did an uninstall of Firefox, cleared out any files/folders thinking by doing this it would get rid of that pesky malware, I then reinstalled FF but the result was the same, which surprised me, it as it has worked before.
    Edge is now being used as browser for the meantime, and there is no problem (with the malware), ?!!
      My ComputerSystem Spec

  8.   My ComputerSystem Spec


 
Page 2 of 2 FirstFirst 12

Related Threads
C:\Windows10Upgrade - Is it malware? in AntiVirus, Firewalls and System Security
Hello, So today I booted my Win10 machine to find that it wanted to upgrade because it didn't have the latest security? Something like that... I have to say, something about the UI looked...'off'...I think the MS logo was slightly blurred also...
Might have caught some malware in Browsers and Email
Hello. I use Windows 10 and Chrome.Ever since a few days ago I started getting pop up links to ads sites such as offers.alibaba.com etc,.For example:when I click on normal texts on a web page(or just a link),sometimes it(my desired webpage) opens...
Solved Malware on start up in AntiVirus, Firewalls and System Security
Hello Guys and gals :), its been a while since i have been here , i have unknowingly installed a piece of malware / spyware, i have tried all the known removal process, and still unsuccessful i do have a backup of the C:\ folder. under the c:\...
Malware recovery in AntiVirus, Firewalls and System Security
I have a windows 10 pc that was infected by malware, a full scan by windows defender deleted the malware however I still have new tabs spawning in chrome on virtually any action taken in chrome. I have reinstalled chrome to no avail. Other browsers...
Malware or Virus? in AntiVirus, Firewalls and System Security
I usually use downmagz.com to download magazines. Today, I went to there to get some mags and when I went to the download page I got a popup that said CableONE has blocked the website. Clicked OK and then a page came up with a blue screen and...
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 06:40.
Find Us