how do I remove this malware?

spaceboy

ObfuscatorJM and Zbot.gen!Y

MSE keeps detecting them and quarantining them but each time I restart it detects them again.

23n1th

I would advise doing the usual MBAM scan after updating of course and posting the log, thereafter running HJT and posting its log here as well.

spaceboy

23n1th wrote: »

I would advise doing the usual MBAM scan after updating of course and posting the log, thereafter running HJT and posting its log here as well.

Is MBAM free?

aerostar

yes it is, do a google

23n1th

Yep download from here: http://www.malwarebytes.org/mbam.php

Looks like you're infected from your post in the other thread. Run MBAM and post its log which will pop up at the end here and re-run HJT and post its log as well.

fiddiwebb

spaceboy wrote: »

Is MBAM free?

The free version is.

Download the latest version of Malwarebytes from filehippo.com.

Once downloaded, open mbam and update it first before running a scan.

Donnie

It going to be a bit more complicated than that. You have a password stealing Trojan. Even when you remove it, the changes that it makes are not reversed.

So you can try to remove it and then manually reset any changes, or just back up your data and run a Factory Restore or a Clean Install.

Use a Sandbox in the future if you going to expose yourself to risks, as they can also have Sandboxed browsers too.

Donnie

If you want to go ahead with some scans....

Download, install, update and run a Quick Scan with Malwarebytes' AntiMalware. When complete, choose 'Remove Selected' if there is anything to remove and Reboot your computer.

After restart, open the program again and go to 'Logs'. Double click on the log produced for today and post the contents here.

Then download, install and run Hitman Pro 3.5.

Next, download, install and run the HijackThis Version 2.0.4 installerand executable and use the Quick Start guide to enable you to produce a log for posting here too.

I'm not sure how effective these will be.

You may need a rootkit remover.

Donnie

More details here

Have you run a Full Scan with MSE?

23n1th

If its as bad as Donnie thinks it is and you want to save the install rather than a clean install then I'd recommend going to a forum like: http://www.geekstogo.com/forum/ they've very good trained experts at this sort of thing.

Donnie

We can remove it here, but I'm going to bed now. The OP can decide which path he wants to traverse. There are lots of tools out there with which to play. But a format and clean install gives peace of mind.

A hijack this log may assist in diagnosing possible security holes to watch for in the future.