03-08-2008   #2
Malke

Re: Rogue Process I cannot get rid of.

SG wrote:

(snippage)

> C:\Users\User\AppData\Local\Temp\FLBPKKMMZXYZ.exe
>
> This rogue process is listed in Services. I have managed to Disable it,
> however I'd like to remove it entirely. I found it in the Registry, but I
> cannot find a way to remove it. I've done everything I know even in the
> Safe Mode and it will not let you delete, modify or whatever.
> It has no Dependencies listed, the Service and Display names are the same
> "FLBPKKMMZXYZ"

> The one thing I did do before trying to remove it from the Registry was
> delete the file from AppData\Local\Temp. Could this be preventing me from
> removing the Registry entry? I wouldn't think so, but it may be the first
> time in my life I was wrong :>)

Your computer is infected and the methods you've used will not clean it.

Go through these general malware removal steps systematically -
http://www.elephantboycomputers.com/...moving_Malware

Include scanning with David Lipman's Multi_AV and follow instructions to do
all scans in Safe Mode. Please see the special Notes regarding using
Multi_AV in Vista.

http://www.elephantboycomputers.com/page2.html#Multi-AV - instructions
http://tinyurl.com/yoeru3 - download link and more instructions

When all else fails, run HijackThis and post your log in one of the
specialty forums listed at the first link above (not here, please).

Not all tools used will work in Vista and you will need to run them
elevated. If you are unable to remove the infection by following the
general steps, register at one of the HijackThis forums as suggested.

Standard disclaimer: I can't see and test your computer myself, so these are
just suggestions based on many years of being a professional computer tech;
suggestions based on what you've written. You should not take my
suggestions as a definitive diagnosis. If you can't do the work yourself
(and there is no shame in admitting this isn't your cup of tea), take the
machine to a professional computer repair shop (not your local equivalent
of BigComputerStore/GeekSquad). Please be aware that not all local shops
are skilled at removing malware and even if they are, your computer may be
so infested that Windows will need to be clean-installed. If possible, have
all your data backed up before you take the machine into a shop.

Malke
--
MS-MVP
Elephant Boy Computers
www.elephantboycomputers.com
Don't Panic!
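
The symptom described in this thread (a service whose binary sits in a Temp folder) can be checked for read-only with the following added example; it is not part of the original post, and the function names are hypothetical. It only reports matching service entries and whether the file still exists, and changes nothing.

```powershell
# Added example (not from the original post): flag services whose binary
# lives in a Temp directory and report whether that file still exists.

function Get-ServiceExePath {
    param([string]$ImagePath)
    # ImagePath may be quoted, carry arguments, or contain %VAR% references.
    $p = [Environment]::ExpandEnvironmentVariables($ImagePath).Trim()
    if ($p -match '^"([^"]+)"') { return $Matches[1] }
    if ($p -match '^(.+?\.(exe|sys|dll))(\s|$)') { return $Matches[1] }
    return $p
}

function Test-TempServicePath {
    param([string]$ExePath)
    # Matches \Temp\ or \Tmp\ anywhere in the path, e.g. ...\AppData\Local\Temp\
    return $ExePath -match '\\(Temp|Tmp)\\'
}

function Find-TempServices {
    param([object[]]$Services)
    foreach ($svc in $Services) {
        if (-not $svc.ImagePath) { continue }
        $exe = Get-ServiceExePath $svc.ImagePath
        if (Test-TempServicePath $exe) {
            [pscustomobject]@{
                Name       = $svc.Name
                ExePath    = $exe
                FileExists = Test-Path -LiteralPath $exe
                Start      = $svc.Start   # 2 = Automatic, 3 = Manual, 4 = Disabled
            }
        }
    }
}

# Constructed sample using the path quoted in the thread, plus one normal service.
$sample = @(
    [pscustomobject]@{ Name = 'FLBPKKMMZXYZ'; ImagePath = 'C:\Users\User\AppData\Local\Temp\FLBPKKMMZXYZ.exe'; Start = 4 }
    [pscustomobject]@{ Name = 'Spooler'; ImagePath = '%SystemRoot%\System32\spoolsv.exe'; Start = 2 }
)
Find-TempServices $sample | Format-Table -AutoSize

# Live check (read-only): every key under Services that has an ImagePath value.
$live = Get-ChildItem 'HKLM:\SYSTEM\CurrentControlSet\Services' -ErrorAction SilentlyContinue |
    ForEach-Object {
        $v = Get-ItemProperty -LiteralPath $_.PSPath -ErrorAction SilentlyContinue
        [pscustomobject]@{ Name = $_.PSChildName; ImagePath = $v.ImagePath; Start = $v.Start }
    }
Find-TempServices $live | Format-Table -AutoSize
```

A row with `FileExists` set to False matches the situation in the quoted post, where the file was deleted but the service entry remained.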