We’d like to remind Forumites to please avoid political debate on the Forum.
This is to keep it a safe and useful space for MoneySaving discussions. Threads that are – or become – political in nature may be removed in line with the Forum’s rules. Thank you for your understanding.
📨 Have you signed up to the Forum's new Email Digest yet? Get a selection of trending threads sent straight to your inbox daily, weekly or monthly!
MR APP Rootkit - how can I remove it?
Jo4
Posts: 6,843 Forumite
in Techie Stuff
My anti virus, Avast, found MR APP in my program files folder and displayed the following message "A suspicious hidden object (rootkit) has been detected on your system. This may be a sign of a malware infection. It is recommended to remove the object immediately." It then gives the option to delete now but it cannot get it deleted despite numerous attempts. I have Googled MR APP but I cannot find anything relevant.
Can anyone tell me how I can remove this please?
Can anyone tell me how I can remove this please?
0
Comments
-
first, set avast to do a boot time scan (i.e. it will scan before most of windows loads up) it takes a while, but once set, reboot the pc and let it do..
also, mbam in safe mode should pick up elements.
if still present after these, try GMER rootkit remover or avast mbr scanner (aswmbr). Combofix may be a last resort, but sometimes you just can't get the little beggars and a reinstall may be required
......Gettin' There, Wherever There is......
I have a dodgy "i" key, so ignore spelling errors due to "i" issues, ...I blame Apple
0 -
first, set avast to do a boot time scan (i.e. it will scan before most of windows loads up) it takes a while, but once set, reboot the pc and let it do..
also, mbam in safe mode should pick up elements.
if still present after these, try GMER rootkit remover or avast mbr scanner (aswmbr). Combofix may be a last resort, but sometimes you just can't get the little beggars and a reinstall may be required
Thanks!!
Avast did a boot time scan but it wasn't able to remove it.0 -
As GunJack said , be prepared for a re-install.
Rootkits can be are notoriusly difficult to remove as they burrow deep into your system and even when you think you have removed everything you can never be sure.
However there are several things you can try. GMER is one but you almost need a degree in computer sciences to interpret it's results.
Others are TDSS Killer, Norton Power Eraser, Malwarebytes Anti-Rootkit and Dr. Web Cure-It.
Run them all and if everything then looks ok follow up by scanning with something like Emsisoft Emergency Kit and ESET Online Scanner and then clear any recent system restore points.
However if you use your computer for online banking and suchlike I would personally go for a re-install.0 -
What's the exact filename & location?
eg: C:\directory\folder\subfolder\filename.ext
With it being found in your program files folder I'd initially suspect a false positive.
"A suspicious hidden object (rootkit) has been detected on your system. This may be a sign of a malware infection. It is recommended to remove the object immediately."0 -
What's the exact filename & location?
eg: C:\directory\folder\subfolder\filename.ext
With it being found in your program files folder I'd initially suspect a false positive.
"A suspicious hidden object (rootkit) has been detected on your system. This may be a sign of a malware infection. It is recommended to remove the object immediately."
C:\Program Files\MR APP
It was downloaded on Sunday night apparently and I wasn't trying to download anything. I cannot even remember what I was doing online because I have been unwell for a few days.0 -
Is https://www.e-rewards.com present in your add/remove programmes?
installation folder: C:\Program Files\mr app
http://www.shouldiremoveit.com/e-Rewards-Notify-42442-program.aspx0 -
Hi
I would try sysinternals (but it may not suit your OS), the link may help...
http://technet.microsoft.com/en-gb/sysinternals/bb897445This is a system account and does not represent a real person. To contact the Forum Team email forumteam@moneysavingexpert.com0 -
Rootkits are hardcore - effectively they're more in control of your computer than you are. They've hidden deep inside for a reason. They may have held the doors open for other malware (remember antivirus are far, far from complete protection.
Personally, I'd be inclined to flatten and rebuild so at least you know it's good, otherwise it's like catching your Mrs cheating - trust is gone and you're never truly certain whether or not you can rebuild a relationship involving online banking with that niggling doubt0 -
Is www.e-rewards.com present in your add/remove programmes?
installation folder: C:\Program Files\mr app
http://www.shouldiremoveit.com/e-Rewards-Notify-42442-program.aspx
www.e-rewards.com is not present in my add/remove programs.0 -
Is www.e-rewards.com present in your add/remove programmes?
installation folder: C:\Program Files\mr app
http://www.shouldiremoveit.com/e-Rewards-Notify-42442-program.aspx
Trying http://www.shouldiremoveit.com/e-Rewards-Notify-42442-program.aspx now so fingers crossed it works.0
This discussion has been closed.
Confirm your email address to Create Threads and Reply
Categories
- All Categories
- 352.1K Banking & Borrowing
- 253.5K Reduce Debt & Boost Income
- 454.2K Spending & Discounts
- 245.1K Work, Benefits & Business
- 600.7K Mortgages, Homes & Bills
- 177.5K Life & Family
- 258.9K Travel & Transport
- 1.5M Hobbies & Leisure
- 16.2K Discuss & Feedback
- 37.6K Read-Only Boards