Jeff1961
2012-06-17, 02:44
I've been attempting to help a friend remove this rogue malware from his Win764 desktop computer since Friday.
I followed the instructions from this forum at this thread (http://forums.spybot.info/showpost.php?p=422538&postcount=2).
We were in "safe mode with networking" as stated.
At step 3 in post #2 it states "You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.".
I was uncertain what "cycles" is, but assumed it meant that Windows Explorer would be closed initially, and that it would "open" on its own and then "close". If that is correct, it never did this after 10 attempts of running rkill.
We ran Malwarebytes anyways and it found 5 things I could not recognize, which were probably the malware.
The final log said it removed 4 things.
We restarted. We uninstalled Java and reinstalled it. We updated Windows with all updates. However, every time he runs IE9 or FF13, various graphics do not work (e.g., the Google logo does not appear).
Any ideas on whether or not this means we did not remove it?
He reported that the unwanted popups from Security Shield 2012 had stopped.
So I'm wondering if it has damaged something.
Thanks for any help you can provide. :)