Comment Re:Wait a pain... (Score 1) 353
I had to talk a cousin of mine through the removal over the phone. I couldn't remote control his PC because the ISP was baller blocking.
I didn't need to use any fancy progams to get it to quit running, but I did use Spybot and AVG to remove it after it stopped running at startup.
Steps:
1) Killed all suspicious processes using Processor Explorer/Task Manager. Researched ones I wasn't sure of.
2) Disabled System Restore. (Critical)
3) Removed all traces and suspicious programs from the "run" sections in the Registry. (Do a search for "run" using only 'keys' and 'match whole string' checked.)
4) Searched the drive for the executable files found in the registry and renamed them to something rude.
5) Pulled the plug from the machine. Upon restart, it wasn't running and AVG was able to move it to it's vault. Spybot took care of the rest.
I didn't need to use any fancy progams to get it to quit running, but I did use Spybot and AVG to remove it after it stopped running at startup.
Steps:
1) Killed all suspicious processes using Processor Explorer/Task Manager. Researched ones I wasn't sure of.
2) Disabled System Restore. (Critical)
3) Removed all traces and suspicious programs from the "run" sections in the Registry. (Do a search for "run" using only 'keys' and 'match whole string' checked.)
4) Searched the drive for the executable files found in the registry and renamed them to something rude.
5) Pulled the plug from the machine. Upon restart, it wasn't running and AVG was able to move it to it's vault. Spybot took care of the rest.
