also @ TechSpot: Updated Microsoft EULA prohibits class action lawsuits

TechSpot
Register now for a live online demo to see how the Office 365 suite of tools
- professional email, calendars, video conferencing, and file sharing -

[Active] Virus seems to start before windows

Discussion in 'Virus and Malware Removal' started by chix2k10, Feb 21, 2011.

Thread Status:
Not open for further replies.
Page 2 of 2

  1. chix2k10 Newcomer, in training

    Sorry for the MASSIVE delay in replying! Few home issues going on. The processes were in system32.

    Thats the only problem Im having....Why are there multiple processes?

    Thanks again for the help and patience
    chix2k10, Mar 15, 2011
    #21

  2. Bobbye Helper on the Fringe

    If they were in the System 32 folder, they are okay. As for your questions about "why are there so many processes?" You will need to be more specific.

    Removing all of the tools we used and the files and folders they created
    • Uninstall ComboFix and all Backups of the files it deleted
    • Click START> then RUN
    • Now type Combofix /Uninstall in the runbox and click OK. Note the space between the X and the U, it needs to be there.
      [IMG]
    • Download OTCleanIt by OldTimer and save it to your Desktop.
    • Double click OTCleanIt.exe.
    • Click the CleanUp! button.
    • If you are prompted to Reboot during the cleanup, select Yes.
    • The tool will delete itself once it finishes.
    Note: If you receive a warning from your firewall or other security programs regarding OTC attempting to contact the internet, please allow it to do so.

    • You should now set a new Restore Point and remove the old restore points to prevent infection from any previous Restore Points.

      Creating a Restore Point in Windows 7:
      • Click on Start> right click on Computer> Properties
      • Select System Protection
      • Click on the Create button (near bottom)
      • Type a name for the Restore Point
      • Click on Create again to save the restore point.

      Deleting all but the most recent System Protection point in Windows 7
      1. Click Start> Computer> right click the C Drive and choose Properties> enter.
      2. Click Disk Cleanup from there.
        [IMG]
      3. Click Clean up system files
        This restarts Disk Cleanup to run in elevated mode.
      4. Click the More Options tab
        [IMG]
      5. Click the Clean up under System Restore and Shadow Copies.
      6. Click OK.
      7. You will get a confirmation screen> Just click Delete.
      8. Click OK on the Disk Cleanup Screen.
      9. Click Delete Files on the Confirmation screen.
      [IMG]
      It will run the Disk Cleanup utility along with other selections if you have chosen any. (if you had a lot System Restore points, you will see a significant change in the free space in C drive)
      Images courtesy lytebyte.

      Empty the Recycle Bin
    Bobbye, Mar 15, 2011
    #22

  3. chix2k10 Newcomer, in training

    Stuck at first hurdle as usual! :\ It wont allow me to unistall combofix. Ive left the spaces after X and before U but the first time I tried it told me again that I had a corrupt copy, then scanned.
    chix2k10, Mar 21, 2011
    #23

  4. Bobbye Helper on the Fringe

    Do you have a log from the scan?
    Bobbye, Mar 21, 2011
    #24
Page 2 of 2
Thread Status:
Not open for further replies.