Removing unwanted downloads

Discussion in 'Malware Help (A Specialist Will Reply)' started by sk8tejunkie, Mar 20, 2006.

  1. sk8tejunkie

    sk8tejunkie Private E-2

    (1) I downloaded EZ trust Anti-Virus. I have no use for it anymore and I would like to remove it because at start-up I get this annoying pop up from them. I tried uninstalling it from "add remove programs" but this error message appears reading that it's installed in c:windows directory. I looked in C: windows and did not find it. Need help for this problem.

    (2) I installed PC Mighty Max V9 and I want to uninstall it, however, on "add remove program" there is no "remove" button for it only a "change" button. How can I get this off
    of my computer?

    (3) I would like to know how to change my username on this forum.
     
    sk8tejunkie, Mar 20, 2006
    #1
  2. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You will have to talk to one of the Admins to get your user name changed. I can send this thread to them but you have to tell them what you want your name to be. The Admins are all listed here:

    http://forums.majorgeeks.com/showgroups.php?

    AbbySue is around the most. Then Major Attitude, Corporal Punishment, and Kodo.

    For your other problems (which really do not belong in this forum since they are not malware issues), run the steps in the below link and attach the requested log to your next message:

    Using GetRunKey
     
    chaslang, Mar 20, 2006
    #2
  3. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Copy the bold text below to notepad. Save it as fixme.reg to your desktop. Be sure the "Save as" type is set to "all files" Once you have saved it double click it and allow it to merge with the registry.
    Now reboot your PC and check to see if a folder named C:\Program Files\PC MightyMax exists. If it does then delete it. Is it now gone from your Add/Remove programs list?
     
    chaslang, Mar 20, 2006
    #3
  4. sk8tejunkie

    sk8tejunkie Private E-2

    Hi,
    As far as downloading the getrunkey file: It was downloaded and the files were extracted. What is a root drive? How do I get to this root drive? How do I upload runkeys.txt? Each time I click on the getrunkey.bat file it just brings up another getrunkey window. I have know idea what I'm doing . What is this key supposed to do for my problem?
     
    sk8tejunkie, Mar 24, 2006
    #4
  5. sk8tejunkie

    sk8tejunkie Private E-2

    Hi,
    As far as the getrunkey file, everything was downloaded and files extracted.
    The getrunkey.bat file was located and I ran it. Now, what is a root drive and where or how do I get to it? How do I upload the runkeys.txt file?

    I need a more detailed explanation because I have know idea what I'm doing or how this is supposed to fix my problem.

    I don't know how or where to go to post a message. The first message was posted but I don't know how I got there.

    Thanks
     
    sk8tejunkie, Mar 24, 2006
    #5
  6. sk8tejunkie

    sk8tejunkie Private E-2

    Hi,
    As far as the getrunkey file, everything was downloaded and files extracted.
    The getrunkey.bat file was located and I ran it. Now, what is a root drive and where or how do I get to it? How do I upload the runkeys.txt file?

    I need a more detailed explanation because I have know idea what I'm doing or how this is supposed to fix my problem.

    I don't know how or where to go to post a message. The first message was posted but I don't know how I got there.

    Why am I naming a file fixme.reg? What is that file supposed to do? When do I run this fixme file?

    After posting this message I don't see a button to send this message

    Thanks
     
    sk8tejunkie, Mar 24, 2006
    #6
  7. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    Why are you posting the same messages over and over again?

    And why are you asking all of this questions? These is are very simple steps.

    The procedure for GetRunKey does not say the root drive. It says the root of drive C ( C:\ ) . This is the highest level folder (the root) on drive C which is your Windows boot drive.

    You just need to extract the files from the GetRunKey.ZIP file (there are two file inside the ZIP)
    And then run GetRunKey.bat by double clicking on it.
    Then you need to upload the C:\runkeys.txt file that is created here as an attachment.

    If you had read the announcements and sticky threads as is actually required before posting, you would know how to do this. See: HOW TO: Attach Items To Your Post

    runkeys.txt will give me information so I can try to help you find your problem.
    fixme.reg was an attempt to fix your problems with PC Mighty Max V9 . This was indicated right in the message.
     
    Last edited: Mar 25, 2006
    chaslang, Mar 25, 2006
    #7
  8. sk8tejunkie

    sk8tejunkie Private E-2

    I'm sorry if I'm getting on your nerves. Everyone is not as computer literate as you are. I've asked those questions because I don't know (it's as simple as that!) It was not intentional for me to post the same message over and over, it was a mistake. The GetRunkey may be simple to you but for some one who is not as computer literate as yourself it is not that simple. I took the time to put the steps I took in my email to let you know that I did everything you told me and somthing, I assume, went wrong. I emailed AbbeySue to get more clarification but she told me to let you be the one to give me more clarification. How does the fixme file and the getrunkey fit together or does it?

    I'm still having a problem following your instructions on this getrunkey.
     
    sk8tejunkie, Mar 27, 2006
    #8
  9. sk8tejunkie

    sk8tejunkie Private E-2

    When it went into my registry to HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\Applications, I opened the application file and there was not a file in there titled pcmm.exe. Could it be under another name?
     
    sk8tejunkie, Mar 27, 2006
    #9
  10. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You said you were having a problem uninstalling PC MightyMax. The fixme.reg file is a registry patch that attempts to do this for you. GetRunKeys is a tool to look at various registry locations and dump the info to a file. The runkeys.txt log that GetRunkey.bat creates may give me a confirmantion on whether PC MightyMax is still trying to load any files at startup.

    Did you complete the instructions of message number 3 yet? You should not be using the Registry Editor!!!!

    I gave more info on this in my last message. I do not know how to make it any easier. Are you saying you do not know how to locate the C:\runkeys.txt file to upload it as an attachment using the Manage Attachments feature of the Message Editor? Did you click the link to learn How to attach files?
     
    chaslang, Mar 27, 2006
    #10
  11. sk8tejunkie

    sk8tejunkie Private E-2

    :confused: I have attached the runkey.txt; also, in following the instructions given me:

    1. There is no regedit4; did you mean regedit?

    2. There was no file named pcmm.exe after opening the applications folder HKEY_LOCAL_MACHINE\SOFTWARE\CLASSES\Applications\pcmm.exe

    3. I was successful going into and removing these numbers
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{94D5AF0F-E6EE-4A75-BE31-9C9C9A87AD45} these numbers

    4. I was successful going into and removing these numbers
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Components\4EA95F043A6ED3E469359C2B514C3A13]
    "F0FA5D49EE6E57A4EB13C9C9A978DA54 - could not find these numbers.

    5. I was successful in going and removing these numbers HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Components\AF20EA1A456C89149B85D42D2DD030C4]
    "F0FA5D49EE6E57A4EB13C9C9A978DA54 - same number as above.

    6. I was successful in going in and removing these numbers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Components\6F668AE09D6D582448E5B11DFAFABBB5]
    "F0FA5D49EE6E57A4EB13C9C9A978DA54 - same as above

    7. I was successful in going in and removing these numbers HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Components\BF6E592E80BCF194FB693CFD316A3DCC]
    "F0FA5D49EE6E57A4EB13C9C9A978DA54 - same as above

    8. I was successful in going in and removing these numbers [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Components\54DE467509E8F284DB2F6A81EF007D68]
    "F0FA5D49EE6E57A4EB13C9C9A978DA54- same as above

    9. I was successful in going in and removing these numbers HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Components\4E64FB4530FE3AD45901D599CE166E7B]
    "F0FA5D49EE6E57A4EB13C9C9A978DA54 same as above; could not find

    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders] I deleted what was in the folder.
    "C:\\Program Files\\PC MightyMax\\"=- I could not delete because it told me access was denied; the disk maybe full or it is right protected
    "C:\\WINDOWS\\Start Menu\\Programs\\PC MightyMax\\"=- Same error message as above.

    10. I was successful in going in and removing pc mightymax from here. HKEY_LOCAL_MACHINE\SOFTWARE\PC MightyMax]

    11. After I opened Microsoft there was not a file name installer so I could not find these numbers
    [-HKEY_USERS\.DEFAULT\Software\Microsoft\Installer\Products\F0FA5D49EE6E57A4EB13C9C9A978DA54

    12. I think I removed this file HKEY_USERS\.DEFAULT\Software\PC MightyMax
    because when I went back in I couldn't find it
     

    Attached Files:

    sk8tejunkie, Mar 27, 2006
    #11
  12. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    You are not supposed to be running regedit and manually editing the registry. The instructions said to save the info to a file and then double click on the filename. They said:
    This automatically adds the fixes to the registry. REGEDIT4 is the beginning of the registry patch file you were supposed to create. It is not a process to run.

    You need to be more careful when following instructions!

    What is your status right now with PC Mighty Max? I still see it trying to load at startup based on the runkeys.txt log.
     
    Last edited: Mar 28, 2006
    chaslang, Mar 28, 2006
    #12
  13. sk8tejunkie

    sk8tejunkie Private E-2

    I changed the status of the fixme file to be saved to all files and I merged it into the registry. PC Mighty Max is still popping up and in the "add/remove" folder there is know button to change or remove it. Before, there was a button to change it, now that's gone.

    Also, after reading the runkey.txt file I see that I do have malware after all.

    "REGEDIT4 is the beginning of the registry patch file you were supposed to create." - I don't understand this statement; at what step was I supposed to create this?

    Would you please delete my messages that are the same in my forum?
     
    sk8tejunkie, Mar 28, 2006
    #13
  14. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    In message # 3 where it said:

    Try using the following to uninstall PC Mighty Max: Your Uninstaller! 2006
     
    chaslang, Mar 28, 2006
    #14
  15. sk8tejunkie

    sk8tejunkie Private E-2

    This message is reading to copy the bold text to notepad and save the copied notepad file with the name of fixme.reg it did not say save as regedit4 If there are other steps that are left out I need to know them.

    I copied the bold text to notepad and saved that copied file with the name of fixme.reg to all files - which I sent to you. Again, I do not know at what point I was to name this file regedit4 when you told me to name it fixme.reg
     
    sk8tejunkie, Mar 28, 2006
    #15
  16. sk8tejunkie

    sk8tejunkie Private E-2

    Hi,
    The uninstaller link you sent me is to purchase this software and I'm not prepared to purchase that.

    It does say at the bottom of the page that there is a 21 day trial. After downloading and running the uninstaller it told me I had 123 infections on this computer. I clicked on fix it and it prompted me to put in a license number (which I can only get through purchasing it) Please advise
     
    sk8tejunkie, Mar 28, 2006
    #16
  17. chaslang

    chaslang MajorGeeks Admin - Master Malware Expert Staff Member

    The Your Uninstaller 2006 program is only an uninstall program. It is not a malware scanner. And it is a 21 day trial which will work completely for 21 days. You are not clicking on the correct links. The stuff at the bottom of the page is not the download links for this program. They are advertising links. You need to click on one of the links under the bold print that says:

    In fact the links I just added above will all work!
     
    chaslang, Mar 29, 2006
    #17

MajorGeeks.Com Menu

Downloads All In One Tweaks \ Android \ Anti-Malware \ Anti-Virus \ Appearance \ Backup \ Browsers \ CD\DVD\Blu-Ray \ Covert Ops \ Drive Utilities \ Drivers \ Graphics \ Internet Tools \ Multimedia \ Networking \ Office Tools \ PC Games \ System Tools \ Mac/Apple/Ipad Downloads

Other News: Top Downloads \ News (Tech) \ Off Base (Other Websites News) \ Way Off Base (Offbeat Stories and Pics)

Social: Facebook \ YouTube \ Twitter \ Tumblr \ Pintrest \ RSS Feeds