Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Security Tool Virus removal problem


  • Please log in to reply
3 replies to this topic

#1 snowball2

snowball2

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:19 AM

Posted 16 January 2010 - 10:04 AM

Hi

Im pretty stuck here, googled and found your tutorial for the removal of this virus but can't get past step 3 as rkill keeps getting blocked before it can do anything, I have tried as suggested leaving the pop ups in place and trying again but still the same problem :thumbsup:

I then followed the link for further help - Preparation Guide For Use Before Posting A Hijackthis Log, but unable to run this software either, its just blocked dead.

I don't know exactly how this virus got on the pc, no one is owning up.

There are no desktop icons, it has disabled the wireless internet connection, you cannot run system restore, I have been downloading the software onto a usb and transfering ot onto the pc. It won't let any software run that might remove it basically.

Any help gratefully received. Im running XP & have ESET Security installed

Edited by snowball2, 16 January 2010 - 10:15 AM.


BC AdBot (Login to Remove)

 


#2 swagger

swagger

  • Members
  • 476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:01:19 AM

Posted 17 January 2010 - 04:44 PM

Hello snowball2 and welcome to Bleeping Computer! :thumbsup:

My username is swagger and I'll be helping you. Have you tried downloading and running RKill with the different extensions?

rkill.pif
rkill.scr
rkill.com
rkill.exe

  • Please Download Link #1. Save it to your Desktop.
  • Before we begin, you should disable your anti-malware softwares you have installed so they do not interfere RKill running as some anti-malware softwares detect RKill as malicious. Please refer to this page if you are not sure how.
  • Double click the RKill desktop icon to run the tool.
    If you are using Vista please right click and run as Admin!
  • A black screen will briefly flash indicating a successful run.
  • If this does not occur please delete that application and download Link #2.
  • Continue process until the tool runs.
NOTE:
1. Try running RKill using Link 1, if it does not run, download Link 2 and delete Link 1 then try running it again.
2. If you still can't run RKill, repeat the same steps using Link 3 and 4. Please tell me if all the link does not work.
*If the tool does not run from any of the links, Please tell me about it.


Regards,
swagger

#3 snowball2

snowball2
  • Topic Starter

  • Members
  • 2 posts
  • OFFLINE
  •  
  • Local time:06:19 AM

Posted 19 January 2010 - 11:16 AM

OK

The original rkill file was flashing up a black box, as are all these files but nothing seems to be happening the popups still carry on and im unable to install mbam as it is closed down eveytime i click on it before it can install.

I can't actually save anything to the actual desktop as icons as the desktop is blank and unresponsive, so i have saved them to the desktop file in windows instead, i presume this wont make any difference really.
rkill is making two files in desktop when it runs, rkill reg entries & pev.

ive tried all the links and having the same result with them all.

Thank youfor your help :thumbsup:

#4 swagger

swagger

  • Members
  • 476 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:South Carolina
  • Local time:01:19 AM

Posted 19 January 2010 - 11:43 AM

Hey snowball2,

Let's try this... When you download rkill, rename it before you save it as explorer.<extension you are downloading>. Let me know if it allows you to run the setup for MBAM then.

Regards,
swagger




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users