A year ago I downlaoded a win rar winzip tool via tu cows. BAD IDea and a virus later - shoulda spent the dosh for Winzip instead. Onto the question. THe virus loaded a number of items up and posted a PDF as the wallpaper pushing an anti virus campaign. Huh. I used file manager to find the files that were being created in the time frame the software was loaded and then deleted the files. After my restart I found where the rest of the 'startup files were being secreted. I deleted the files yet again and then I used regedit to locate the launch commands that created the executables and deleted them. But there are still some errors as the startup file - still stored somewhere in the registry attempt to launch these 'not found executable files So I get errors on every startup. To be clear the virus did not use the windows install program to install itsself.
I just tried using Live OneCare to perform the registry correction but it does not seem to bother to check or correct registry entries pointing to non existent file.
Registry cleaners have a massively bad rep.
I last really used Reg Edit back in the W4Workgroups era.. Is using Reg Edit and crawling throug looking for the only option I have. The registry is quite daunting since the days of Work Groups.
Old sock.
