0
How do you clean 25 files on c windows system32 infected by trojan adclicker af if mcafee will not delete clean or quarantine them?
Wiki User
∙ 12y ago
System 32 is just the dump for the redundant files the ad clicker virus creates everytime computer restarts/starts up. The more times mcaffee cleans and deletes these files the more the virus recreates itself. These files are not viruses though they have the same antigen as the adclicker. the virus itself hides in the startup directory. Goto run menu type in "regedit". A registry menu will open up. Then goto HKCU\Software\MicrosoftWindows NT\CurrentVersion\Windows Once this folder path is visible click the value name on the right of the screen. Then right click on said value name and simply delete. Be careful though not to delete the wrong value name. This should work if it doesnt goto http://vil.nai.com/vil/systemhelpdocs/RegDel.htm
Wiki User
∙ 8y ago
Wiki User
∙ 12y agoHello,
Best way is to use either Malwarebytes or Super anti-spyware. McAfee is an excellent program but it is better to use a few different programs to keep the system clean. Another reason why those files cannot be dealt is they are in use and cannot be deleted until the program using them has been closed. Best to delete these is safe mode, just be very careful they are not system specific files needed to have the OS function.
Kineo
Add your answer:
Earn +20 pts
What two sub folders in the cWindowssystem 32 folder contain files needed for Windows startup?
C:\Windows\System32\config and C:\Windows\System32\drivers
Virus found attached to bliwavzkdkc file in windows system32 can you delete this file without much harm please help anyone?
In case your computer got infected, try the following:Get an antivirus program (if you don't have one already)Update your antivirusScan all your computer and delete, repair or quarantine the infected files.
What folder holds the windows registry?
C:\Windows\system32\restore, C:\Windows\registry\backup, C:\Windows\system32, C:\Windows\registry, C:\Windows\system32\config, C:\Windows\system32\config\RegBack
What two subfolders in the windows system32 folder contain files needed for windows startup?
1. C:\windows\system32\drivers and c:\windows\system32\config
What is the folder in which windows is installed is known generically as what?
System32 under C://Windows/System32
What 2 subfolders in the cwindows system32 folder contain files needed for windows startup?
1. C:\windows\system32\drivers and c:\windows\system32\config
What is the System32 directory on a Windows system?
The System32 directory on a Windows system is a place for storing files. The System32 directory is located in the C drive.
Where does windows store driver device files?
c:\Windows\system32 or c:\Windows\system32\drivers and have an .exe , .dll or .sys A+ Guide to software page 305
How do you remove Trojan win obfuscated gx?
From adaware forum In case you don't have HijackThis...* Download Trend Micro Hijack This™Doubleclick the HJTInstall.exe to start it.By default it will install HijackThis in the Program Files\Trendmicro folder and create a desktop shortcut.HijackThis will open after install. Press the Scan button below.Then in HijackThis, look if one of the following is present and check it in HijackThis:(the CLSIDs {********-****-****-****-************} may be different in your case, but the filename is always the same)O2 - BHO: BetaDivX - {48BF2BC0-2945-11D8-8CAC-00080FC65465} - C:\WINDOWS\system32\IR9V0_QCX.dllO2 - BHO: BetaDivX - {D99BACC6-6289-4D4F-8BAF-4192016AF547} - C:\Windows\System32\bDivX.dllO2 - BHO: IntelVideoCodec - {33A12BEB-3219-4CA8-99B4-733192704C62} - C:\WINDOWS\system32\IntelVideoDivX.dllO2 - BHO: IntelVideoCodec - {04F7FAC5-F506-4F29-9094-9CB9144B192C} - C:\WINDOWS\system32\IntelVideo.dllO2 - BHO: IntelVideoCodec - {AF36E90A-44CA-4EE3-B578-C07383623217} - C:\Windows\System32\Video32.dllO2 - BHO: RealMedia - {87B570FB-D2CF-4D3C-8E1B-E1E7018BBA95} - C:\WINDOWS\system32\dx50codec.dllO2 - BHO: RealMedia - {0EEDB911-C5FA-486F-8334-57288578C627} - C:\WINDOWS\system32\XunLeiBHO_Now.dllO2 - BHO: 3GP - {5D67E2E7-0C2B-4491-87C4-37F2AC6033D2} - C:\WINDOWS\system32\a3gpcodec.dllO2 - BHO: AlphaDivX - {3B236BEE-8200-421D-919D-CA17D5739D8F} - C:\WINDOWS\system32\aDivX.dllO2 - BHO: Mp3 Video - {D4FD35A3-101C-4FAA-A9CA-E8C9461C3CEF} - C:\WINDOWS\system32\mp3avi.dllO2 - BHO: Mp3 Video - {2B659BB5-3E85-4BC6-BAFC-98FEDFF3AE99} - C:\WINDOWS\system32\VideoMP3.dllO2 - BHO: Video On-line - {741403DD-46A4-4D58-8FA7-427335C3BBF6} - C:\WINDOWS\system32\PowerVideo.dllO2 - BHO: Video DivX 3.12 - {09D72564-27E2-4F12-8AB6-03F83E4567DE} - C:\WINDOWS\system32\sysdivx.dllO2 - BHO: System DivX4 - {2FA3B736-1AC7-454D-8E94-8BA8158BF064} - C:\WINDOWS\system32\sysvideo32.dllO2 - BHO: System DivX4 - {2FA3B736-1AC7-454D-8E94-8BA8158BF064} - C:\WINDOWS\system32\sysvideo32.dllO2 - BHO: Video - {15FEB658-AACC-412E-BC13-D54CFD74A8F6} - C:\WINDOWS\stream32a.dllO2 - BHO: Video - {D0995F82-90C7-4C78-9B4C-C1700FB8B120} - C:\WINDOWS\windivx.dllClick the "Fix checked" button below.Then reboot your computer.After reboot, navigate to and delete one of the following file if still present (related with the entry you fixed in HijackThis):C:\WINDOWS\system32\IR9V0_QCX.dllC:\Windows\System32\bDivX.dllC:\WINDOWS\system32\IntelVideoDivX.dllC:\WINDOWS\system32\IntelVideo.dllC:\Windows\System32\Video32.dllC:\WINDOWS\system32\XunLeiBHO_Now.dllC:\WINDOWS\system32\dx50codec.dllC:\WINDOWS\system32\a3gpcodec.dllC:\WINDOWS\system32\aDivX.dllC:\WINDOWS\system32\mp3avi.dllC:\WINDOWS\system32\VideoMP3.dllC:\WINDOWS\system32\PowerVideo.dllC:\WINDOWS\system32\sysdivx.dllC:\WINDOWS\system32\sysvideo32.dllC:\WINDOWS\stream32a.dllC:\WINDOWS\windivx.dllAlso look if the following files are present and delete them:C:\Windows\System32\bDivX.dll.bakC:\WINDOWS\system32\IR9V0_QCX.dll.bakC:\WINDOWS\system32\IntelVideo.dll.bakC:\WINDOWS\system32\IntelVideoDivX.dll.bakC:\Windows\System32\Video32.dll.bakC:\WINDOWS\system32\XunLeiBHO_Now.dll.bakC:\WINDOWS\system32\dx50codec.dll.bakC:\WINDOWS\system32\a3gpcodec.dll.bakC:\WINDOWS\system32\aDivX.dll.bakC:\WINDOWS\system32\mp3avi.dll.bakC:\WINDOWS\system32\sysdivx.dll.bakC:\WINDOWS\system32\VideoMP3.dll.bakC:\WINDOWS\system32\PowerVideo.dll.bakC:\WINDOWS\system32\sysvideo32.dll.bakC:\WINDOWS\stream32a.dll.bakC:\WINDOWS\windivx.dll.bakNormally, by default, if you fix that entry in Hijackthis and your Internet Explorer is closed while fixing in HijackThis, HijackThis will already delete that file as well. So don't worry if you can't find the file afterwards anymore - HijackThis already deleted it. But it's always a good idea to doublecheck.Please make sure you don't delete "similar looking" files as they may be legitimate.In case when you're in doubt or it didn't solve your problem, please start a NEW thread in the HijackThisforum with your HijackThislog.FYI... Ad-Aware removes this pest as well. So make sure you have the latest updates.
What are Two subfolders in the CWindowssystem32 folder that contains files needed for Windows startup?
C:\windows\system32\drivers and c:\windows\system32\config
What tow subfolders in the c windowssystem32 folder conatin files needed for windows startup?
1. C:\windows\system32\drivers and c:\windows\system32\config
How do you stop system32 from popping up when you start up windows xp?
Mine has suddenly started doing this too. A required Microsoft Windows system directory, the Windows System32 directory is often located in either C:\Windows\System32 or C:\Winnt\system32. Often many Microsoft Windows error messages will contain the system32 directory because many of the system files Windows uses to run are stored in this directory. By itself the System32 directory will not cause any errors unless it is missing of course. If you are getting an error with a file in the System32 directory search for that file. No error message, it just pops up and has to be 'closed'
