Related:
- .dll's in my startup menu. Kaspersky cant fix
- Show volume in menu bar mac - Guide
- Kaspersky online scan - Guide
- Huawei test menu - Guide
- How to remove f1 at startup in windows 10 - Guide
- Startup sound changer download - Download - Customization
3 responses
Coming up with the same issues. Also tried using IE 7 and get a bunch of popups....started about the same time frame.
I believe I have fixed it (or at least temporarily resolved the problem)
a couple things I found out:
rundll.exe is a valid windows app, so dont try to mess with it. it is just being used by the malware.
any of the files I mentioned can be deleted in safe mode via the cmd prompt
heres what I did:
1. write down the exact location of the files on paper. look up and write down cmd commands that would allow me to force delete files. check:
for delete commands:
http://technet2.microsoft.com/windowsserver/en/library/b4f9443f-e501-4a85-93e3-805ee3edad471033.mspx?mfr=true
https://ss64.com/nt/
for dir commands (this navigates your computer the specified folder - I think you need to do this beore you can delete the files):
http://technet2.microsoft.com/windowsserver/en/library/a6aaf662-4153-4f8c-873e-58d91aedc1ea1033.mspx?mfr=true
2. restart my comp, boot in safe mode with the command prompt. use above commands and try to delete the files. you may have to mess around with different combinations of the command line. took me a while to get it right, but I don't remember exactly what command I ended up using. Also, I think the prompt told me that the deletion didnt work, even though it did.
3. restart comp again, do a FULL computer scan with kaspersky or whatever you use, and ad-aware. makes sure your definitions are up to date. after full scans and another comp restart (just for good measure) check the folder that the malware files were in (again - for me it was C:\Users\Sasha\AppData\Local\Temp\). for me they were gone.
4. go to your startup manager and delete the suspicious entries. they should stay deleted.
hope this helps. i anyone else can verify that this worked or provide another solution that would be great
a couple things I found out:
rundll.exe is a valid windows app, so dont try to mess with it. it is just being used by the malware.
any of the files I mentioned can be deleted in safe mode via the cmd prompt
heres what I did:
1. write down the exact location of the files on paper. look up and write down cmd commands that would allow me to force delete files. check:
for delete commands:
http://technet2.microsoft.com/windowsserver/en/library/b4f9443f-e501-4a85-93e3-805ee3edad471033.mspx?mfr=true
https://ss64.com/nt/
for dir commands (this navigates your computer the specified folder - I think you need to do this beore you can delete the files):
http://technet2.microsoft.com/windowsserver/en/library/a6aaf662-4153-4f8c-873e-58d91aedc1ea1033.mspx?mfr=true
2. restart my comp, boot in safe mode with the command prompt. use above commands and try to delete the files. you may have to mess around with different combinations of the command line. took me a while to get it right, but I don't remember exactly what command I ended up using. Also, I think the prompt told me that the deletion didnt work, even though it did.
3. restart comp again, do a FULL computer scan with kaspersky or whatever you use, and ad-aware. makes sure your definitions are up to date. after full scans and another comp restart (just for good measure) check the folder that the malware files were in (again - for me it was C:\Users\Sasha\AppData\Local\Temp\). for me they were gone.
4. go to your startup manager and delete the suspicious entries. they should stay deleted.
hope this helps. i anyone else can verify that this worked or provide another solution that would be great
