Win32:Rontokbr-L - Please help

Avast is reporting the error shown in the screenshot below. 44 pop-ups, always in quick succession. Avast and Malwarebytes scan did not detect.

Logs attached, except that every time I ran aswMBR it froze. See screenshot in second post.

Please help! Thank you.

Screenshot of aswMBR freezing.

Try clear your dropbox cache … Google how to

Then run TFC cleaner to clear all temp foldere
http://www.geekstogo.com/forum/files/file/187-tfc-temp-file-cleaner-by-oldtimer/

Did that help?

One would hope it’s not the actual McCoy Pondus.

RontokBR-L is pretty serious, as it’s an actual virus, not standard malware.
http://home.mcafee.com/virusinfo/virusprofile.aspx?key=2566662

So, while I hope this isn’t needed. Remover notified.

Nothing apparent on the system

In that case. Good news. Continue with Pondus’ instructions and let us know if Avast! stops alerting. If not. let us know :slight_smile:

Cleared the Dropbox cache and ran the TFC Cleaner. TFC Cleaner kept freezing at the point it was emptying the recycle bin. I waited like an hour but the program never recovered, so I had to kill it. Thus, TFC Cleaner never finished its work.

The pop-ups unfortunately persist. Are there other steps we can take?

Right click recycle bin and empty it … then try TFC again

I will notify Essexboy…

Recycle bin successfully emptied. I then ran TFC again, hit scan, and within seconds got a blue screen of death. Didn’t get to read the text. After the reboot, I ran TFC again and the scan was successful. Nevertheless, still have the pop-ups.

Not sure if the blue screen is related to the virus or this just being a bad computer.

C;\Windows\Minidump.

Zip them, and upload the files to www.wikisend.com. Post the D/L link here.

OK lets check it out

Download and Install Combofix

Download ComboFix from one of the following locations:
Link 1
Link 2

VERY IMPORTANT !!! Save ComboFix.exe to your Desktop

  • IMPORTANT - Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. If you have difficulty properly disabling your protective programs, refer to this link here

[*]Double click on ComboFix.exe & follow the prompts.
[*]Accept the disclaimer and allow to update if it asks

http://img.photobucket.com/albums/v706/ried7/NSIS_disclaimer_ENG.png

http://img.photobucket.com/albums/v706/ried7/NSIS_extraction.png

[*]When finished, it shall produce a log for you.
[*]Please include the C:\ComboFix.txt in your next reply.

Notes:

  1. Do not mouse-click Combofix’s window while it is running. That may cause it to stall.
  2. Do not “re-run” Combofix. If you have a problem, reply back for further instructions.
  3. If after the reboot you get errors about programmes being marked for deletion then reboot, that will cure it.

Please make sure you include the combo fix log in your next reply as well as describe how your computer is running now

WikiSend was giving me an error, but here’s the file via Dropbox:
https://www.dropbox.com/s/zbnowrhazwo3fbj/111614-20139-01%20-%20Copy.zip?dl=0

OK, now follow Essex’s advice please. He is a million times better then I

But he’s just a boy . . .

ComboFix log attached. Still getting errors. :frowning:

OK could you disable dropbox from running at start then reboot, do the alerts continue

Done. No alerts thus far! Is dropbox.exe infected? Should I uninstall and then reinstall dropbox?

Uninstalled Dropbox and reinstalled. Error messages came back. :frowning:

Post a screenshot please!

Essex would be in bed now. so wait till tomorrow

Screenshot:

Can you post the TFC log from when you ran it?