2 Replies Latest reply on Apr 6, 2011 6:24 PM by techrumy

    anti rogue spyware

      hello, I have MS Removal Tool on my home computer and I can not get it off! Does anyone have any hints for me?

        • 1. Re: anti rogue spyware
          Peacekeeper

          Update your dat files and scan your PC with Virusscan in Safe Mode.

           

          To do this, tap F8 repeatedly while booting up. You'll get a boot screen with choices. Pick Safe Mode. Your PC will boot in a low resolution state as most processes won't be running. Go to "MyComputer" (XP) or "Computer" (Vista), right-click the hard drive and select "Scan" from the drop-down menu. You'll see an extra taskbar icon which will show a progress report if youhover over it.

           

          If no good do one or both of the following :

          - Run the free Mcafee Stinger program from http://vil.nai.com/vil/stinger/ -

           

          Run getsusp

          Download the latest getsusp here https://community.mcafee.com/thread/32269

          Before you use Getsusp, you should go to this document

          https://community.mcafee.com/docs/DOC-1323

          and download the PDF file explaining what Getsusp is and how it works, and this document

          https://community.mcafee.com/docs/DOC-1761

          which downloads the installation guide PDF document

           

          Or try below skip the ad at the top....

           

          http://www.bleepingcomputer.com/virus-removal/remove-ms-removal-tool

           

          Message was edited by: Peacekeeper on 6/04/11 8:00:13 PM
          • 2. Re: anti rogue spyware
            techrumy

            Additionally, you can rename the main executable of Ms Removal Tool if you can't get into safe mode. It should be something like fHrPqDaZcCg02547.exe, rename it to virus.exe or other. Restart your computer, then this malware shouldn't load up. Now you should be able to use any antimalware tool to remove it and any related malware from your computer without any restrictions. If you choose to remove it manually, don't forget to remove registry key related to this malware.

             

            Files:

             

            For Windows XP users:

            • C:\Documents and Settings\All Users\Application Data\[SET OF RANDOM CHARACTERS]\[SET OF RANDOM CHARACTERS].exe

                       Example: C:\Documents and Settings\All Users\Application Data\fHrPqDaZcCg02547\fHrPqDaZcCg02547.exe

             

            For Windows Vista and Windows 7 users:

            • C:\ProgramData\[SET OF RANDOM CHARACTERS]\[SET OF RANDOM CHARACTERS].exe

                      Example: C:\ProgramData\fHrPqDaZcCg02547\fHrPqDaZcCg02547.exe

             

            Registry values:

            • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce "[SET OF RANDOM CHARACTERS]"

             

            Additional information about Ms Removal Tool:

             

            http://deletemalware.blogspot.com/2011/03/how-to-remove-ms-removal-tool-uninstal l.html

             

            http://www.youtube.com/watch?v=w7f48-Ky9ow

             

            Cheers!