MS Removal Tool
I have been attempting to remove this MS Removal Tool disaster.
I have done the following:
Run Malwarebytes anti-malware - to no avail
I have run rkill.com this removed a couple of fileds but not the correct ones.
I cannot accesss my ESET antiq virus
I believe thekey file is
04-HKCU\,,\RunOnce:[FHrPqD
I have Windows 7 OS Home Edition and cannot get into ProgramData to delete this file.
Does anyone know a simple and effective way of getting rid of this.
I am not good enough to go into Registry files etc.
Thanks
I have done the following:
Run Malwarebytes anti-malware - to no avail
I have run rkill.com this removed a couple of fileds but not the correct ones.
I cannot accesss my ESET antiq virus
I believe thekey file is
04-HKCU\,,\RunOnce:[FHrPqD
I have Windows 7 OS Home Edition and cannot get into ProgramData to delete this file.
Does anyone know a simple and effective way of getting rid of this.
I am not good enough to go into Registry files etc.
Thanks
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
P.S. I shall also be following the links suggested by Younghx and acting accordingly.
If you have any other suggestions they will be most welcome
If you have any other suggestions they will be most welcome
This file will change. Run Malwarebytes again. Make sure you update it first. See what the name of the new file is and delete it.
If the problem persists:
Try running unhide.exe to remove hidden flags.
Download and run Unhide.exe to remove the hidden flags on files and folders.
http://download.bleepingcomputer.com/grinler/unhide.exe
If needed you can download ComboFix and if it doesn't delete it on its first run we can delete it using its script function.
1. Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
ComboFix tutorial:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
Try running unhide.exe to remove hidden flags.
Download and run Unhide.exe to remove the hidden flags on files and folders.
http://download.bleepingcomputer.com/grinler/unhide.exe
If needed you can download ComboFix and if it doesn't delete it on its first run we can delete it using its script function.
1. Please download ComboFix by sUBs:
http://download.bleepingcomputer.com/sUBs/ComboFix.exe
STOP all your monitoring programs (Antivirus/Antispyware, Guards and Shields) as they could easily interfere with ComboFix.
Double click combofix.exe & follow the prompts.
When finished, it will produce a log. Please save that log and attach it in your next reply.
Note:
Do not mouse-click combofix's window while it is running. That may cause it to stall.
ComboFix tutorial:
http://www.bleepingcomputer.com/combofix/how-to-use-combofix
ASKER
Thanks for your time and trouble.
ASKER
I have looked in the directory and the 04-HKCU edtc. RuncOnce file is not there
To Younghv: I had already followed the steps of bleepingcomputer to no avail. I have repeated them And also managed to download the latest version of malbytes which I ran - to no avail
I also ran ESET in Safemoade - it found only one suspect file and it did not apply to this problem
The MS Removal Tool probl;em remains.
Any other thoughts or actions please