Quote Originally Posted by jholland1964 View Post
Before I do Is there some way I could update the mbam data manually?, like copying an entire mbam folder from an updated uninfected machine???

If you have an uninfected machine then Why are you using a zip file to store these files? That makes no sense whatsoever. Why are you using Filezilla? All you need is a clean flash drive. You can easily move files from a flash drive to a computer.
My Windows will not recognise flash drives or CDs when booted in normal mode, it only recognises them in Safe mode.

Quote Originally Posted by jholland1964 View Post
No need for zip files. Unzipping a file may be all this infection needs to react. The act of unzipping IS a running process.

A zipped file will not necessarily remain clean. Everytime you unzip it then it is open and the files inside can become infected. Many infections spread via zipped files.

You were not told to put any files into a zip file. You were told to use the executable files, not from a zip file.
You are making this all the more complicated than it needs to be by doing things that are not listed in ANY steps...keeping the Task Manager open for one thing. That is a running file which may interfere. EVERYTHING except the ONE rkill should be closed. Nothing else should be open. None of those other rkill files should have been running.
OK.. no zip files, no task manager from now on!

Quote Originally Posted by jholland1964 View Post
The instructions are very clear. The files don't go to any temporary folder. The file directly to the desktop, either via downloading using Safe Mode with Networking OR moving them from a flash drive to the infected computer.

Quote Originally Posted by jholland1964 View Post
RKill only terminates RUNNING infection processes it doesn't remove them. It doesn't remove other files that are not running.

You don't ever run all of them UNLESS ONE of them doesn't work. Then you move to the next ONE not all of them.

If ONE works then the others don't need to be run.

Once ONE works then you move forward to do MBA-M and not one held in a zip file but a brand new clean copy either downloaded via safe mode with networking to the infected computer OR by transferring the brand new CLEAN MBA-M install file (not the entire program) to the infected computer and installing it.
Ok, but It is not clear how I can tell that one WORKED...
I run it, it shows the expected dos box, says it's killing stuff please wait... after a couple of minutes the dos box disappears then pops up the Notepad with the log file. I assume that's success? but maybe not what you mean by "worked"?

Then I tried mbam and it failed to start... does THAT mean the rkill did not work?

If yes then what is next step from here? Reboot and try again with a different rkill?
or just move on to the next without rebooting as I thought I reaD (maybe I read it wrong)

Quote Originally Posted by jholland1964 View Post
If you really wanted assistance you would have followed ONLY the steps given, not anything else.
By continually re-using the same "dirty" files is defeating everything. mba-m.exe should NOT have been running at all prior to rkill being run, it should not have been showing in the running processes. It should not have been started until rkill was finished and it DOES show you that it is finished.
If it's not what I described above... In what way should it show that it's finished?

Quote Originally Posted by jholland1964 View Post
Your computer has an EXTREMELY dangerous infection on it as noted by the file found by MBA-M in your initial run and that is the Trojan.SpyEyes in the family of password stealers and remote access trojans.
It is an infection that can enter the computer via a zip file, P2P file sharing, OR, visiting remote, crack and keygen sites. Obivously the removal of the ONE file by MBA-M did not remove the full infection, if it had you should not be having to still try to remove it.

This infection injects code in legitimate files and in many cases the infected files (which could number in the thousands) cannot be disinfected properly by your anti-virus program or likely other removal programs either. When disinfection is attempted, the files often become corrupted and the system may become unstable or irreparable. The longer the infection remains on a computer, the more files it infects and corrupts so the degree of infection can vary.

Since you have not even followed the instructions as given I am sure this infection has taken an even deeper hold on your computer.
Your best bet at this point is a reformat and reinstall of the system.
I am sorry to provoke your wrath, I appreciate your help and advice. I have tried to follow the instructions but have hit hurdles, and tried to overcome them by seeking ways over the hurdles, sorry if that complicated things.

Sorry to have wasted your time. I guess I'll be re-installing from scratch then

Thanks again, and good luck!