I've been hit with the Windows Process Manager (32-bit) virus. I've tried to follow the instructions from the other posts regarding this, but was only able to get the FRST and Addition.txt files. Also, I've been unable to do the advanced recovery boot. Please help. The files are attached.
Windows Process Manager (32-bit)
- Thread starter forevergent777
- Start date
- Status
- Mar 8, 2013
- 22,627
Hello,
Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
Access the notepad and identify your USB drive
In the Command Prompt please type in:
and press Enter.
Scan with Farbar Recovery Scan Tool
Once back in the command prompt window, please do the following:
Transfer it to your clean machine and include it in your next reply.
Please download Farbar Recovery Scan Tool x64 and save it to a flash drive.
- Plug the flashdrive into the infected PC.
- Boot to windows recovery by using one of the methods on this link: Boot to Advanced Startup Options in Windows 10
- Now you should get a window like this where you need to click Troubleshoot.
- In the next window, click Advanced options and select Command Prompt.
- Now you should log in into your account and after that Command Promptwindow.
In the Command Prompt please type in:
Code:
notepad- When the notepad opens, go to File menu.
- Select Open.
- Go to Computer and search there for your USB drive letter.
- Note down the letter and close the notepad.
Once back in the command prompt window, please do the following:
- Type in e:\frst64.exe and press Enter.
You need to replace e with the letter of your USB drive taken from notepad! - FRST will start to run. Give him a minute or so to load itself.
- Click Yes to Disclaimer.
- In the main console, please click Scan and wait.
- When finished it will produce a logfile named FRST.txt in the root of your pendrive and display it. Close that logfile.
Transfer it to your clean machine and include it in your next reply.
I'm unable to get to the Advanced Boot Options, and I've tried all the possible methods I could.
Also, can you give me until January 8, which is when I'll have access to a different computer that's clean?
Also, can you give me until January 8, which is when I'll have access to a different computer that's clean?
- Mar 8, 2013
- 22,627
Ok, so what I managed to do instead was access System Configuration using WinKey+R, type in msconfig, and open the System Configuration window. Using that, I changed the Boot Option to Safe Boot. From there, I was able to use the Command Prompt to run the FRST64 program and the Fixlist. Looking at the Fixlist, I can see that it at least found the folders in the Appdata/Local folder that is the source of the problem (because I couldn't and still can't delete them since I'm denied access, even though I'm the Administrator). However, it was unable to get rid of those folders.
Here's the fixlog. Please let me know what else I can do because I'm still unable to access the Windows RE.
Here's the fixlog. Please let me know what else I can do because I'm still unable to access the Windows RE.
- Mar 8, 2013
- 22,627
Opening a topic on multiple forums is not allowed.
Windows Process Manager (32 bit) Virus - Virus, Trojan, Spyware, and Malware Removal Logs
Closing this one.
Windows Process Manager (32 bit) Virus - Virus, Trojan, Spyware, and Malware Removal Logs
Closing this one.
- Status
Similar threads
- Locked
-
- Locked
