Main Forum > General Computer Support
Can't delete .exe (virus) and can't kill process
Boggin:
--- Quote from: Rick on June 15, 2015, 02:00:00 am ---safe mode? run sfc /scannow
or, repair install only works ok too
do you, use games in ADM mode?
setup another User ID only for games without ADM privaleges and still use a password
chk your firewall before SFC or a repair install, if repair install, reset firewall before doing...
--- End quote ---
Prior to any kind of install, you still need to back up as a safeguard and Cencio has said that no external media is available at the moment.
This looks like a serious Rootkit that requires expert advice to remove and I think I've already given the best advice to help to achieve this.
Cencio:
So here's what happened yesterday. I tried to remove all the things on safe mode and the results are these:
process didn't show up in safe mode (it did the last time...) not even the two .exe's file did show up, don't know why.
I opened the regedit and not even the string where there anymore (at least in safe mode)
I opened the msconfig and removed the checks from all those automathed processes who the virus created.
I restarted the PC in normal mode and the process flew away, the .exe's disappeared and not even the strings on regedit are there anymore.
In the msconfig the string are no more 4 but 2 and they are unchecked, since the link for the exe and the string they were searching for is empty now.
I tried restarting the PC a couple of time and still the process and the .exe's won't show up again...
Does it even make any sense? Can this virus/rootkit/malware or whatever it is, be the cause of the artefacts on my VGA, or is that just a coincidence...?
Boggin:
That doesn't sound like an infection but possibly adware.
If you uninstall something having unchecked the items in msconfig, it leaves orphaned files so those entries will remain.
In some cases you need to reboot to effect a removal, which rebooting from Safe Mode would have effected.
Can you post a snip of the msconfig so I can have a look at the questionable items ?
Cencio:
--- Quote from: Boggin on June 15, 2015, 07:32:17 am ---That doesn't sound like an infection but possibly adware.
If you uninstall something having unchecked the items in msconfig, it leaves orphaned files so those entries will remain.
In some cases you need to reboot to effect a removal, which rebooting from Safe Mode would have effected.
Can you post a snip of the msconfig so I can have a look at the questionable items ?
--- End quote ---
They are the first two, the ones called 62300eccecc
Rick:
--- Quote from: Cencio on June 15, 2015, 08:05:58 am ---
--- Quote from: Boggin on June 15, 2015, 07:32:17 am ---That doesn't sound like an infection but possibly adware.
If you uninstall something having unchecked the items in msconfig, it leaves orphaned files so those entries will remain.
In some cases you need to reboot to effect a removal, which rebooting from Safe Mode would have effected.
Can you post a snip of the msconfig so I can have a look at the questionable items ?
--- End quote ---
They are the first two, the ones called 62300eccecc
--- End quote ---
well boggin;
sounds like a job for sysinternals to remove one by one...
download this file; Thursday, June 11, 2015 5:21 AM 680600 autoruns.exe
from http://live.sysinternals.com/
You need be able find all instances of runthis.exe
delete it from your system and search any external devices, Iphone etc...
install sysinternals and delete the questionable files loaded;
Navigation
[0] Message Index
[#] Next page
[*] Previous page
Go to full version