got a virus called ms removal i used hitman pro and mal ware both to no avail.Any recommendation,please

"ms removal (http://www.google.com/#sclient=psy&hl=en&q=ms+removal+tool&aq=0z&aqi=g-z1g4&aql=&oq=&pbx=1&bav=on.2,or.r_gc.r_pw.&fp=f05d2ab524568127)"

got a virus called ms removal i used hitman pro and mal ware both to no avail.Any recommendation,pleaseDamn...hitman pro failed to help? This depresses me...hope you find a solution soon...and when you do, be sure to post about it here...

http://www.microsoft.com/Security_Essentials/

You need to run Hitman P in safe mode for this ditty.

or...

Found these responses from 2 days ago:

Boot your computer in safe mode by repeatedly tapping the F8 key as you boot. Choose "safe mode with networking". Do the scan with MalwareBytes from there. Delete everything it finds. If it does not find anything download Super Anti-Spyware or Hitman Pro (in safe mode) and do a scan using it. All these program are free and legitimate.

Ms Removal Tool description and removal guide:
http://deletemalware.blogspot.com/2011/0…


There are keys that disable it, like listed here : http://www.2-viruses.com/remove-ms-removal-tool or here : http://siri-urz.blogspot.com/2011/03/ms-removal-tool.html
Then scan with Malwarebytes, Hitman pro, etc, you should able to download it then.
If you can't try rebooting into safe mode and do system restore.
1 day ago Report Abuse


This worked for me, and it was really simple:

1) Shut Down and Restart. (After restarting, do remaining steps quickly, before virus stops apps from working again.)
2) As soon as you can, press Ctrl-Alt-Delete and start Task Manager.
3) In Applications tab of Task Manager, right-click on MSRemovalTool, and click GoToProcess. This will highlight the MSRemovalTool executable filename in the Process tab of Task Manager.
4) In Process tab of Task Manager, right-click on the MSRemovalTool executable filename, and click Properties.
5) In the General tab of the Properties pop-up, note the location of the executable file. My virus file was in folder C:\ProgramData\cGhKeHfCnLI28600. No guarantee you will have the same folder name.
6) Click OK to close Properties pop-up.
7) In Process tab of Task Manager, right-click on virus executable filename, and click End Process.
8) In Windows Explorer, locate folder from step 5. Delete this folder and all contents of the folder. The virus executable file is in this folder. (If you didn’t do step 7, then you won’t be able to do this step. The virus program must be closed for you to be able to delete it.
9) For my own peace of mind, I next emptied my Recycle Bin.
10) Shut Down and Restart. Everything was back to normal for me.

This board has come a long way .........

Yup, I remember when you were the only "Shell Answer Man" around here... :lol:

This board has come a long way .........

You need to run Hitman P in safe mode for this ditty.

or...

Found these responses from 2 days ago:

Boot your computer in safe mode by repeatedly tapping the F8 key as you boot. Choose "safe mode with networking". Do the scan with MalwareBytes from there. Delete everything it finds. If it does not find anything download Super Anti-Spyware or Hitman Pro (in safe mode) and do a scan using it. All these program are free and legitimate.

Ms Removal Tool description and removal guide:
http://deletemalware.blogspot.com/2011/0…


There are keys that disable it, like listed here : http://www.2-viruses.com/remove-ms-removal-tool or here : http://siri-urz.blogspot.com/2011/03/ms-removal-tool.html
Then scan with Malwarebytes, Hitman pro, etc, you should able to download it then.
If you can't try rebooting into safe mode and do system restore.
1 day ago Report Abuse


This worked for me, and it was really simple:

1) Shut Down and Restart. (After restarting, do remaining steps quickly, before virus stops apps from working again.)
2) As soon as you can, press Ctrl-Alt-Delete and start Task Manager.
3) In Applications tab of Task Manager, right-click on MSRemovalTool, and click GoToProcess. This will highlight the MSRemovalTool executable filename in the Process tab of Task Manager.
4) In Process tab of Task Manager, right-click on the MSRemovalTool executable filename, and click Properties.
5) In the General tab of the Properties pop-up, note the location of the executable file. My virus file was in folder C:\ProgramData\cGhKeHfCnLI28600. No guarantee you will have the same folder name.
6) Click OK to close Properties pop-up.
7) In Process tab of Task Manager, right-click on virus executable filename, and click End Process.
8) In Windows Explorer, locate folder from step 5. Delete this folder and all contents of the folder. The virus executable file is in this folder. (If you didn’t do step 7, then you won’t be able to do this step. The virus program must be closed for you to be able to delete it.
9) For my own peace of mind, I next emptied my Recycle Bin.
10) Shut Down and Restart. Everything was back to normal for me.

Thanks,your intructions worked to a t.

Thanks,your intructions worked to a t.
Happy to hear it. :ThmbUp:

Both PA & I empathized with your dilemma.

Yup, I remember when you were the only "Shell Answer Man" around here... :lol:

That's what I was getting at. Lots of good people on this board. Some very sharp guys. Great place to come to for help.

Mack, nice work............

Thanks,your intructions worked to a t.
Which option worked? Using hitman pro in safe mode, or option #2?

Which option worked? Using hitman pro in safe mode, or option #2?

Hitman pro in safe mode,not only the best horse forum but these members know there s#$t!.Thanks PA for your hard work in keeping this thing forum being #1.

You need to run Hitman P in safe mode for this ditty.

or...

Found these responses from 2 days ago:

Boot your computer in safe mode by repeatedly tapping the F8 key as you boot. Choose "safe mode with networking". Do the scan with MalwareBytes from there. Delete everything it finds. If it does not find anything download Super Anti-Spyware or Hitman Pro (in safe mode) and do a scan using it. All these program are free and legitimate.

Ms Removal Tool description and removal guide:
http://deletemalware.blogspot.com/2011/0…


There are keys that disable it, like listed here : http://www.2-viruses.com/remove-ms-removal-tool or here : http://siri-urz.blogspot.com/2011/03/ms-removal-tool.html
Then scan with Malwarebytes, Hitman pro, etc, you should able to download it then.
If you can't try rebooting into safe mode and do system restore.
1 day ago Report Abuse


This worked for me, and it was really simple:

1) Shut Down and Restart. (After restarting, do remaining steps quickly, before virus stops apps from working again.)
2) As soon as you can, press Ctrl-Alt-Delete and start Task Manager.
3) In Applications tab of Task Manager, right-click on MSRemovalTool, and click GoToProcess. This will highlight the MSRemovalTool executable filename in the Process tab of Task Manager.
4) In Process tab of Task Manager, right-click on the MSRemovalTool executable filename, and click Properties.
5) In the General tab of the Properties pop-up, note the location of the executable file. My virus file was in folder C:\ProgramData\cGhKeHfCnLI28600. No guarantee you will have the same folder name.
6) Click OK to close Properties pop-up.
7) In Process tab of Task Manager, right-click on virus executable filename, and click End Process.
8) In Windows Explorer, locate folder from step 5. Delete this folder and all contents of the folder. The virus executable file is in this folder. (If you didn’t do step 7, then you won’t be able to do this step. The virus program must be closed for you to be able to delete it.
9) For my own peace of mind, I next emptied my Recycle Bin.
10) Shut Down and Restart. Everything was back to normal for me.

Son of a biscuit,i have it again,this time when i click on End process,window pops up saying ASCESS DENIED!

Son of a biscuit,i have it again,this time when i click on End process,window pops up saying ASCESS DENIED!This doesn't mean you have a virus...what process are you trying to end?

This doesn't mean you have a virus...what process are you trying to end?

PA i have the ms removal system tool virus i had when i posted this thread.Last time Big MAck got me thru the steps and i got rid of it.
I used the same steps and this time when i click on applications to the end the process a window pops up saying ascess denied.Any suggestions?
I went to you tube and it expalined how to remove it to no avail.

Major computer shops are charging in the $150-200 range to remove virus' and/or malware, people should stay away from these kind of shops, despite their reliability.

There are many smaller computer shops that will remove all virus' for approximately $35. One only needs to be attentive to signs in their local area, and willing to explore.

For the difference in the 150-200 range and what two reliable local guys charge ($35), you could certainly box and ship (Michigan) your computer and still save money.

Would system restore do any good? I have no idea. Just a thought.

Would system restore do any good? I have no idea. Just a thought.

No.

His virus/malware (if that's the issue) has embedded itself deep into the machine.

In any event, helping him is beyond remote links and/or suggestions.

He needs to consult a professional, at least after spending days in an attempt to resolve an otherwise simple issue.

He also needs to stop visiting the website (wherever that may be) that causes his machine to contract this stuff.

As an aside, I've a friend whom catches this crap fairly often. After trying to help him numerous times, he just pays the $35, and after each payment, both the computer geeks and myself advise him to go back to the same music site and contract the crap again, which my friend seems perfectly willing to comply with ;)

Wouldn't hurt to try system restore. It's simple and surprisingly effective in removing a variety of problems. It's helped me a number of times.

If it's a virus, the result of "restore" is that, it simply embeds itself deeper into otherwise good and saved older backups points.

If it's a virus, the result of "restore" is that, it simply embeds itself deeper into otherwise good and saved older backups points.

how you make that leap, I don't know? As long as you do not activate the file that started the problem, it might work. Try it. If it works, then immediately run a sweep for virus infected files. You can fix the problem temporarily with a restore, sometimes. But the minute you run the file that is infected, you start all over again. Very few virus files infect your restore points. They just lie in wait to re-activate after you do the restore. It can be a window of opportunity. But the really smart stuff infects files that are not part of those backed up in a restore point. can't hurt to try though.

This board has come a long way .........

Couldn't agree more. Some sharp guys here. IMHO, I know my stuff when it comes to PCs, having recovered half a dozen PCs for friends who picked up viruses in the past year, including one just this morning. But I still visit this forum every couple of weeks just to see what some of you guys are up to with PCs.

BTW, anyone who really needs his PC, whether it be for racing, stocks or business, should parlay periodic image backups with incremental backups. It has saved my butt more than once and I was back in business in 10-15 minutes right where I left off. And encrypting sensitive files (financial accounts, credit card info, banking passwords, etc.) isn't a bad idea, either. Cryptainer LE works for me.

Try running the program "MalwareBytes" with your computer running in safe mode. Good Luck

Try running the program "MalwareBytes" with your computer running in safe mode. Good Luck
Got a nasty lil bugger called lsas.blaster.keylogger the other day and decided to try malwarebytes. Every time I've seen a thread on this board regarding viruses the recommended solution is MalwareBytes.
I tried and it cleaned my system up :ThmbUp: :ThmbUp:

It was a close race between Virus and MWBytes. I'll let Vic Stauffer call them home for us:
"Into the stretch it's Virus and Malwarebytes. It'll come down to these two.
Virus-Malwarebytes-Virus-Malwarebytes. They're head and head now...100yds to go! Virus-Malwarebytes-Virus-Malwarebytes....
Mal...ware...bytes YYYYYYYYYESSSS!!!"

Thanks for the recommendation from all who've suggested this solution.

Got a nasty lil bugger called lsas.blaster.keylogger the other day and decided to try malwarebytes. Every time I've seen a thread on this board regarding viruses the recommended solution is MalwareBytes.
I tried and it cleaned my system up :ThmbUp: :ThmbUp:
Best to run this little number as well:
http://support.kaspersky.com/viruses/solutions?qid=208280684

TDSSKiller works well in conjunction with malwarebytes for zooming in on any remnants that might be lingering in your Rootkit. It's light and portable.