Windows 7 How to Remove TROJ_HIDEFIL.BMC Blocked by Trend Micro Titanium

[kyler211]

my anti-virus (Trend Micro Titanium)
has been blocking a process called "appsvc.exe" saying it is a "TROJ_HIDEFIL.BMC"
i have located it but i cannot delete it saying that i need permission from my user to delete it. I am currently logged on as my user but i am unable to delete it saying the same error message. i have also tried to use the hidden administrator account using "net user administrator /active:yes"
but that account also needs permission from my user.
it constantly tries to open every 5 seconds and i cannot stop it. i can end its process from the task manager but it still continues to try starting itself up again. please help.

 

[patcooke]

The exe of the installed mbam or the exe of the download?

 

[kyler211]

the exe of the installed bam

 

[kyler211]

Link Removed
i tried this and then trend micro stopped detecting appsvc.exe
i didnt have those exact registers but i deleted what didnt look right which was a register called appgraffiti.
thanks for the help

 

[patcooke]

ok. I would now try installing and running mbam again because if it still does not run there is still a problem which needs investigating.

 

[kyler211]

the same error still pops up
it still cant find the file specified, even though i click the exe directly and not through a shortcut.

 

[patcooke]

Try right clicking on it and selecting "run as administrator".

 

[kyler211]

didnt change anything, still makes the same error

 

[patcooke]

It may be being blocked by malware - try mbam chameleon from this link:

http://www.malwarebytes.org/chameleon/

 

[kyler211]

it crashes when i try to open it
it opens the mbam but it crashes right after

actually it crashes when it tries to scan

 

[patcooke]

Have you tried running each and every one of these in turn?

chameleon.exe
chameleon.com
mbam-chameleon.pif
mbam-chameleon.scr
svchost.exefirefox.exe
firefox.exe
firefox.com
firefox.pif
firefox.scr
iexplore.exe
winlogon.exe
rundll32.exe

 

[kyler211]

yes i have ran all of them, if i run them they open some console then opens mbam which instantly crashes, when i open mbam without using them and try to scan with it, it crashes

 

[kyler211]

i have to get to bed since i have school tomorrow, sorry but im afraid we have to continue this tomorrow

 

[patcooke]

ok I'll give it some more thought.

 

[Pauli]

It may not be the smartest thing to double click the exe, as many programs may have several exes, linked in various ways. You should use the Shortcut in Programs, or the shortcut on desktop.

Further, "A System Restore error would only appear if someone was actually trying to run System Restore in an effort to fix a problem." - Link Removed

Might be very true. Leading my thoughts to the fact that it's a driver / other installation problem. Instead of restore, you might try "hard way" uninstallation of anything installed lately, especially if you have used some automated updates. Not to forget, quite often these problems are faster resolved by reinstalling Windows altogether, instead of fighting for light years with isolated problems. A good move is to have Windows System installed in one place, and have personal files in another place = partition or disk. That way you can reinstall Windows without having personal files affected.

Hope you get it fixed - sincere hope!

 

[kyler211]

how do i choose which directory maxspyware installs to? my cd drive c doesnt have enough space

 

[patcooke]

Your cd drive is drive C? Do you mean your system drive? How much space do you have free on the drive and how much does the software require?

 

[kyler211]

it needs 600mb and i have 400, i have nothing non-essential in that drive, my antivirus takes about 5gb of the space and the rest of the stuff are system files and alienware software

 

[patcooke]

If you have hibernation on you could turn that off and probably save all you need.

 

[kyler211]

how do i turn off hibernation mode?

 

[patcooke]

Run command mode by right clicking and run as administrator. In the command window enter:

powercfg.exe -h off

Reboot