Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations TouchToneTommy on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Meskisift Visaal Studie Virus? 6

Status
Not open for further replies.
kharrison70

kharrison70

MIS
Sep 22, 2010
9
US
Good morning, anyone here know how to remove this? I tried rkill to stop processes so I could remove it with Symantec but it crashes during scan. It runs a orrezoluew.exe. It seems to crash Windows installer among other things to cause havoc. I haven't been able to install anything to get rid of it. Any advice is appreciated.
Thanks

Kathy

[bigears]
 
Sort by date Sort by votes
You may have to create a bootable CD or USB drive that has an anti-virus installed. Several companies like Sophos and Avast have them for free. Make sure you download and create the CD or USB on a clean machine.


James P. Cottingham
I'm number 1,229!
I'm number 1,229!
 
Upvote 0 Downvote
Just get the Ultimate Boot CD for Windows and boot to that. Then you can remotely edit the registry and remove where it's starting from AND/OR directly delete the file out of the file system.

In these cases, I actually copy NOTEPAD.exe to the same folder as the malware, rename the malware file and name NOTEPAD the name of the malware file. Then you KNOW when windows boots whether the malware is still being called somewhere in the startup areas IF notepad launches.

"Living tomorrow is everyone's sorrow.
Modern man's daydreams have turned into nightmares.
 
Upvote 0 Downvote
goombawahoo,

Thanks for that thought/idea on using a separate program (notepad in this instance) to know if the malware application is being triggered. That's definitely an interesting way to test things.

"But thanks be to God, which giveth us the victory through our Lord Jesus Christ." 1 Corinthians 15:57
 
Upvote 0 Downvote
Thanks kjv1611. Yes, it came to me in a brainstorm one time OR I found it online as a suggestion, but I honestly can't remember. Does a good job of visually showing you whether you have snuffed out the trigger mechanism in the registry. Plus the malware thinks it's starting up normally in case it's one of those that tries to heal itself if it cannot start.

"Living tomorrow is everyone's sorrow.
Modern man's daydreams have turned into nightmares.
 
Upvote 0 Downvote
Sorry for the delay, PC user was on vacation, Goombawaho, that worked. I appreciate you both for your time. Have a good weekend.
 
Upvote 0 Downvote
Cool. Glad you snuffed it.

"Living tomorrow is everyone's sorrow.
Modern man's daydreams have turned into nightmares.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

iambob
  • Locked
  • Question
Avast Anti-Virus is.. a virus?! 3
Replies
5
Views
174
Oorde
Oorde
andyv2011
  • Locked
  • Question
Looking at Virus Actions
Replies
0
Views
75
andyv2011
andyv2011
Tiffc0922
  • Locked
  • Question
Virus / Malware Scans on Local PCs
Replies
5
Views
120
goombawaho
goombawaho
CCX008
  • Locked
  • Question
Barowwsoe2save , how can I remove this stubborn virus !! 3
Replies
10
Views
160
goombawaho
goombawaho
jlockley
  • Locked
  • Question
Virus? (posted in Windows, but perhaps it belongs here)
Replies
3
Views
106
jlockley
jlockley

Part and Inventory Search

Sponsor

Back
Top