Win 7 Security 2012

Over the weekend, I clicked on a fake Adobe update window and have since been suffering from the Win 7 Security 2012 malware.

SuperAntiSpyware portable ran, but did not detect the intrusion. I used Rkill and renamed the MB executable to stop it from intercepting Malwarebytes, and I thought it had been removed, but it has since come back twice. Both times there has been an executable in the C:/users/MyUserName/AppData/Local/ folder, a Windows Security icon in the taskbar, and popups (particularly when I try to run Malwarebytes or access Windows Security). It also blocked browsing of web sites in Firefox and IE with a "this page could be dangerous" page.

I have been attempting to follow the instructions at http://www.geekstogo...ity-2012-issue/ among other threads on this malware, but so far have been unsuccessful, so I am hoping I can get some help removing this thing.

The initial Rkill log terminated the processes iyq.exe (the executable from AppData/Local) and rundll. The more recent one doesn't show names, although it did allow me to access the internet and Malwarebytes. I am attaching logs from OTL, MBAM, TDSSKiller, and MBRCheck. I also attempted to run aswMBR.exe, but it twice resulted in a BSOD, although at different points in the scanning process.

Thank you in advance for your help,
Garuga S. Monk
