Regarding this post earlier.
----
It's likely that the infection is preventing our tools from running. The following tool will help running them.
If you have an active internet connection, copy/paste the links below into your browser, don't click them or the rogue might redirect. If you don't have an active internet connection, download the tools from another machine, and transfer them to the affected machine via USB flash drive.
Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 4 different versions. If one of them won't run then download and try to run the other one. You only need to get one of them to run, not all of them.
Vista and Win7 users need to right click and choose Run as Admin
http://download.bleepingcomputer.com/grinler/rkill.exe
http://download.bleepingcomputer.com/grinler/rkill.com
http://download.bleepingcomputer.com/grinler/rkill.scr
http://download.bleepingcomputer.com/grinler/rkill.pif (note bad link)
Note: You will likely see a message from this rogue telling you the file is infected. Ignore the message. Leave the message OPEN, do not close the message. Run rkill repeatedly until it's able to do it's job. This may take a few tries. You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.
At this point, you should now be able to run analysis tools
---
I've been able to run 3 of 4 of those rkills. None of the 3 have worked after minutes of constantly clicking them, after a second the window closes down. I'm not sure it the virus is closing them or if the software only lasts a second each attempt.
The point is the virus is not shifting and I don't believe I can run these tests as I can't access the internet due to it.
----
It's likely that the infection is preventing our tools from running. The following tool will help running them.
If you have an active internet connection, copy/paste the links below into your browser, don't click them or the rogue might redirect. If you don't have an active internet connection, download the tools from another machine, and transfer them to the affected machine via USB flash drive.
Please download and run the following tool to help allow other programs to run. (courtesy of BleepingComputer.com)
There are 4 different versions. If one of them won't run then download and try to run the other one. You only need to get one of them to run, not all of them.
Vista and Win7 users need to right click and choose Run as Admin
http://download.bleepingcomputer.com/grinler/rkill.exe
http://download.bleepingcomputer.com/grinler/rkill.com
http://download.bleepingcomputer.com/grinler/rkill.scr
http://download.bleepingcomputer.com/grinler/rkill.pif (note bad link)
Note: You will likely see a message from this rogue telling you the file is infected. Ignore the message. Leave the message OPEN, do not close the message. Run rkill repeatedly until it's able to do it's job. This may take a few tries. You'll be able to tell rkill has done it's job when your desktop (explorer.exe) cycles off and then on again.
At this point, you should now be able to run analysis tools
---
I've been able to run 3 of 4 of those rkills. None of the 3 have worked after minutes of constantly clicking them, after a second the window closes down. I'm not sure it the virus is closing them or if the software only lasts a second each attempt.
The point is the virus is not shifting and I don't believe I can run these tests as I can't access the internet due to it.