malremtool.exe what is it and what does it do

September 8, 2011 at 17:31:30
Specs: Windows 7
malremtool.exe - pop up wanting to make changes. I said no it came back. Got a few minutes free by closing it through task manager and looked it up. Found webroot, which seemed reputable and apparently had free software to download. Figured I did that by accident, since malrem, I found out, means malware removal.

It came back and I said no a few more times but eventually said yes. It stopped popping up, but many of my shortcuts were gone and programs from my start menu were gone. McAfee claims to have removed a Trojan every few minutes, saying no further action is required.

A pop-up stating that with one or more IDE / SATA hard drives, performance problems have been detected.

What is happening? Please help.

See More: malremtool.exe what is it and what does it do

Report •

September 8, 2011 at 18:18:50
jessiiiiiii ,

You are more than likely inected by malware that uses false security alerts and fake scan results.

Please download RKill:

[If the file does not download, paste the following, without the brackets, in the address bar of your browser:

Save to the Desktop.

Windows 7 users: right-click and select: 'Run As Administrator'

A black DOS box briefly flashes and then disappears. This indicates the tool ran successfully.

If not, delete the Rkill file, then download and use another Rkill file:

If it still does not work, repeat the process and attempt to use one of the remaining versions until the tool runs.

Note: You may need to make repeated attempts to use Rkill before it runs, as some malware variants try to block it.

Next, download TDSSKiller:

Execute the file:
Windows Seven - Right-click and select: 'Run as Administrator'

Press the button: 'Start Scan'

The utility can detect two object types:
malicious (the malware has been identified)
suspicious (the malware cannot be identified)

When the scan is over, the utility outputs a list of detected objects with their description.

It automatically selects an action (Cure or Delete) for malicious objects.Leave the setting as is.
It also prompts the User to select an action to apply to suspicious objects (Skip, by default). Leave the setting as Skip.

After clicking Next, the utility applies the selected actions and outputs the result.

A ‘Reboot Required’ prompt may appear after a disinfection. Please reboot.

By default, the utility outputs a log to the system disk root folder (the disk with the Windows operating system, C:\).

Logs have a name like:

Please post the TDSSKiller log in your reply.

Now, download Malwarebytes’ Anti-Malware (black button with green and white icon) Save to the Desktop:

Windows 7, right click and select: 'Run as Administrator'

Run Malwarfebytes’ AntiMalware and update the program.

Once updated, select Perform Full Scan and click the scan button.

When the scan finishes, click OK in the message box, and you will see the results of the scan.

Click the 'Remove Selected' button to get rid of the malware.

When Malwarebytes finishes, you may be prompted to reboot. If so, reboot.

Please, also post the Malwarebytes' log in your reply.

Once we see where we are at, we can plan any additional removal strategy, if necessary.


Retired - Doin' Dis, Dat, and slapping malware.
Malware Eliminator/ Member of UNITE and the
Alliance of Security Analysis Professionals

Report •
Related Solutions

Ask Question