I recently had one of our computers get infected with smss32/Internet Security 2010. Originally Malwarebytes was unable to deal with it, so following the instructions in other threads I:
1) Downloaded rkill
2) Downloaded and installed a new copy of MBAM
3) Ran rkill
4) Ran MBAM
Now after running MBAM again, it was able to pick up the infection, however, the system kept crashing every time MBAM tried to remove the infected files. Now this is where I'm going to get yelled at: because MBAM couldn't remove the files, I went in and manually deleted the files in my system32 folder related to the program: 41.exe, smss32.exe, winlogon32.exe and helper32.dll (I know, I know).
After that MBAM was able to complete its cleaning and I was able to go back in via regedit and make sure things like task manager and being able to change the desktop were back on. The computer is now seemingly malware free, HOWEVER I can no longer log into the internet using that computer. I read here that it was related to removing helper32.dll.
My question is:
1) Should I restore some or all of the files I manually deleted and run MBAM again (keep in mind it was crashing every time I tried to clean them before)
-or-
2) Is there a setting that this has changed that I can restore myself via regedit or msconfig?
Thanks!