tlii.exe

  • Thread starter Thread starter Guest
  • Start date Start date
G

Guest

I have a piece of spyware running under the process tlii.exe MS and Norton
anti-spyware do not seem to recognize this as spyware. Any suggestion on how
to clean this up without purchasing yet another piece of anti-spyware
software or can MS do the job?
 
Here's a few options that should help you get the system clean, Download
Ewido Security Suite & Ccleaner then run them in safe mode and use Microsoft
Antispyware to remove the startup entry if you can find it.

download Ccleaner.

http://www.ccleaner.com/ccdownload.asp

Install CCleaner, Do not run yet. You will run it later in safe mode.

Download the trial version of Ewido Security Suite here.

http://www.ewido.net/en/download/

Install ewido.

During the installation, under "Additional Options" uncheck "Install
background guard" and "Install scan via context menu".

Launch ewido

On the left side of the main screen click update
Click on Start and let it update.
DO NOT run a scan yet. You will do that later in safe mode.

Open Microsoft Antispyware and goto Advanced Tools then System Explorers,
next click Startup Programs, under Registry Current User check for

Sen - C:\Program Files\bama\tlii.exe

If found left click the entry and on from the menu on the bottom right
choose "Permanently Remove Startup Program" then press Yes to Confirm

Next copy this to notepad and save it if needed so you can view it in safe
mode

Reboot into safe mode

Restart your computer and immediately begin tapping the F8 key on your
keyboard.
If done right a Windows Advanced Options menu will appear. Select the Safe
Mode option and press Enter.
To return to normal mode just restart your computer as you normally would.

In Safe mode delete this folder

C:\Program Files\bama <-- Delete this folder

If you cannot find the folder then Enable Hidden Files and Folders

Click Start > Open My Computer > Select the Tools menu from the top bar and
click Folder Options > Select the View Tab.

Under the Hidden files and folders heading select Show hidden files and
folders.
Uncheck the Hide protected operating system files (recommended) option.

Click Yes to confirm > Click OK.

Set this back after you have checked for the file by opening the same page
and pressing "Restore Defaults"

Run Ewido again. From the main menu click on 'scanner' then click 'Complete
System Scan' When ewido finds something, it will pop up a notification.
Select "Remove" and check the boxes "Perform action with all infections" and
"Create encrypted backup" then click on ok.When the scan finishes, click on
"Save Report" and save it to your desktop or c:/drive incase you need it
again.

Start Ccleaner and click Run cleaner

Reboot back to normal mode

Let us know if you have problems or cannot find the folder in program files

Regards

Andy
 
Back
Top