10:45 pm
These instructions seem reliable from the website, I am following them:
http://www.bleepingcomputer.com/virus-removal/remove-system-fix
I have run the following processes twice:
rkill
malware bytes anti-malware
but system fix is not gone yet.
I attempted to remove system fix by registering the software, following these instructions:
http://deletemalware.blogspot.com/2011/11/remove-system-fix-uninstall-guide.html
It did not seem to help, and I read bad things about spy doctor, so I did not continue these instructions.
Windows Defender found and quarantined a Trojan virus, I believe it was FBapqcwc1aEov8, which is located at HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run
and has a command located at
C:\ProgramData\FBapqcwc1aEov8.exe. I deleted this command.
Looking at msconfig, this started at startup, but I disabled it. I deleted the command. The startup item still shows up on the start menu.
DLXCATS, in startup, is for dell computers http://www.winvistatips.com/dlcxcats-process-p2949.php
You can access the Hot Keys (HK) by typing 'regedit' into 'run' from the 'start mode'
4:06 AM
I ran kaspersky virus removal software, which found 1 malicious software file:
Rootkit.Boot.SST.a
It was located at \Device\Harddisk0\DR0
Kaspersky disinfected this file.
The Kapersky scan did not look at the C, D, or Q drives before, so I will scan those with it.
TO DO:
1step 22 of http://www.bleepingcomputer.com/virus-removal/remove-system-fix
2See if step 2 on this website http://www.pcrisk.com/removal-guides/6575-remove-system-fix is worth following
Kaspersky says it will finish in 6 hours...
No comments:
Post a Comment