Getformsonline malware

Page 2 of 2 FirstFirst 12
  1. Borg 386's Avatar
    Posts : 28,651
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       #11

    Two things you may wish to try. Run in safe mode & do your scans & see what that finds.

    There is a program called RKill that attempts to terminate known malware processes so they can be removed. Some malware will not be deleted if it is running in the background. After running RKill, do NOT reboot.

    RKill Download

    Note   Note
    As RKill only terminates a program's running process, and does not delete any files, after running it you should not reboot your computer as any malware processes that are configured to start automatically will just be started again. Instead, after running RKill you should immediately scan your computer using some sort of anti-malware or anti-virus program so that the infections can be properly removed.

      My Computer

  2. MoxieMomma's Avatar
    Posts : 824
    Win10/64 Pro 1511 (and 2 Win 7/64 Ult & Pro systems)
       #12

    Hi:

    If the excellent suggestions already offered do not work, you might want to head over to one of several reputable fora specializing in computer disinfection. Specially trained malware experts will have access to additional, powerful tools, as well as the use of customized scripts. The help is free and will only cost you a bit of your time.

    (Perhaps I misunderstood your last post, but if you make a system image now, with the infection in place, you will be creating an image of the infected system, no?)

    (For the record, it's usually not recommended to run malware removal tools in Windows Safe Mode, other than as a last resort. For many such tools, such as MBAM, the scanner needs to have full access to the system and running drivers in order to work properly.)

    Just a thought,
    MM
      My Computer

  3. Borg 386's Avatar
    Posts : 28,651
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition
       #13

    MoxieMomma said:
    (For the record, it's usually not recommended to run malware removal tools in Windows Safe Mode, other than as a last resort. For many such tools, such as MBAM, the scanner needs to have full access to the system and running drivers in order to work properly.)
    Yeah yeah, what can I say, I'm old school . Nowadays that probably is a good idea, considering how OS's/Scanners have changed.

    I'm finding it hard to believe that the tools/tips suggested haven't ferreted this out.

    Suggest you d/l & run TDSSKiller just to rule out the possibility of a rootkit. I normally suggest that anyway, but this looked like a simple PUP/Add on that should have been removed by the malware tools.

    TDSSKiller Download

    Note   Note
    When running TDSSKiller, launch the program, click on the blue text "Change Parameters" & check the box marked "Detect TDLFS File system." Click OK & then run the scan.
      My Computer


  4. Posts : 258
    Windows 10
       #14

    MoxieMomma said:
    Hi:

    If the excellent suggestions already offered do not work, you might want to head over to one of several reputable fora specializing in computer disinfection. Specially trained malware experts will have access to additional, powerful tools, as well as the use of customized scripts. The help is free and will only cost you a bit of your time.

    (Perhaps I misunderstood your last post, but if you make a system image now, with the infection in place, you will be creating an image of the infected system, no?)

    (For the record, it's usually not recommended to run malware removal tools in Windows Safe Mode, other than as a last resort. For many such tools, such as MBAM, the scanner needs to have full access to the system and running drivers in order to work properly.)

    Just a thought,
    MM
    Post #2

    " Unfortunately to hear this, but you need a malware removal expert assistance. Please visit Malwarebytes Community Forum, and once you there please create a account if you don't have one. After you done that, please read this Im infected - What do I do now? - Malware Removal Help - Malwarebytes Forums. When you finish read them, and understands what logs to send for further assistance, please head to this Malware Removal Help section on the Malwarebytes Community Forum and post your problem. Running malware removal tools not under a supervisor can renders system unbootable, and making damage worse."


      My Computer

  5. simrick's Avatar
    Posts : 16,108
    W10Prox64
       #15

    RKILL
    ADWCleaner
    JRT
    Junkware Removal Tool Download
    Reset ALL browsers (not just FF) :)
      My Computer


  6. Posts : 85
    Windows 10 64-bit
       #16

    Also worthwhile checking your Firefox shortcut on the desktop. Right click and select properties and under the Shortcut tab check there is nothing behind "C:\Program Files (x86)\Mozilla Firefox\firefox.exe" .

    Getformsonline malware-shortcut.png
      My Computer


  7. Posts : 30
    Windows 10
    Thread Starter
       #17

    (Perhaps I misunderstood your last post, but if you make a system image now, with the infection in place, you will be creating an image of the infected system, no?)
    Yes, I won't be making it until it's all clear.
    I did an uninstall of Firefox, cleared out any files/folders thinking by doing this it would get rid of that pesky malware, I then reinstalled FF but the result was the same, which surprised me, it as it has worked before.
    Edge is now being used as browser for the meantime, and there is no problem (with the malware), ?!!
      My Computer

  8. Samuria's Avatar
    Posts : 6,033
    windows 10
       #18
      My Computer


 
Page 2 of 2 FirstFirst 12

  Related Discussions
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd
All times are GMT -5. The time now is 16:15.
Find Us




Windows 10 Forums