Bat file to remove antivirus 2009

Toshiba / Satellite pro a200
January 10, 2009 at 09:56:57
Specs: Microsoft Windows XP Professional, 1.595 GHz / 1014 MB
I have been working on a project to make a bat file to remove known processes and files related to Antivirus 2009. I have gotten pretty far and just need a little help. I can't figure out how to use commands like %userprofile% and %temp% to erase folders. I also need someone to take a look at my search and delete functions in this script and tell me what is wrong with it. Thanks in advance for your help.

Bat file content.
@echo off
echo ****************************************************************************
echo * -------------Welcome To Joe's AntiVirus 2009 Removal Program-------------*
echo * This program is to be used at your own Risk.I hold no responsibility. *
echo * -------------Happy searching and we hope this works for you!-------------*
echo ****************************************************************************
pause
cls
echo Cleaning Temp files.
rmdir c:\windows\temp /s /q
mkdir c:\windows\Temp
rmdir %userprofile%\Cookies /s /q
mkdir %userprofile%\Cookies
IF NOT %temp% == %tmp% GOTO both_
GOTO single
:both
DEL %temp% /F /S /Q
DEL %tmp%\*.* /F /S /Q
GOTO end
:single
DEL %temp% /F /S /Q
rmdir c:\docume~1\%userprofile%\cookies /s /q

echo DONE!
pause
echo killing associated processes
TASKKILL /F /IM "av2009.exe"
TASKKILL /F /IM "Antivurus2009.exe"
TASKKILL /F /IM "AV2009Install.exe"
TASKKILL /F /IM "av2009[1].exe"
TASKKILL /F /IM "AV2009Install_880405[1].exe"
TASKKILL /F /IM "AV2009Install_880405[2].exe"
TASKKILL /F /IM "c:\Program Files\Antivirus 2009\av2009.exe"
TASKKILL /F /IM "c:\WINDOWS\system32\ieupdates.exe"
TASKKILL /F /IM "Power-Antivirus-2009.exe"
TASKKILL /F /IM "AV2009Install[1].exe"
TASKKILL /F /IM "ieexplorer32.exe"
TASKKILL /F /IM "%PROGRAMFILES%\Antivirus 2009\av2009.exe"
TASKKILL /F /IM "AntivirusPro2009.exe"
echo DONE!
pause
echo Unregistering infected DLL files
%WinDir%\system32\regsvr32.exe -u "%UserProfile%\Local Settings\Temporary Internet Files\Content.IE5\S96PZM7V\winsrc[1].dll"
%WinDir%\system32\regsvr32.exe -u "c:\WINDOWS\system32\winsrc.dll"
echo DONE!
pause
echo Searching for Rouge Antivirus and deleting infected files
setLocal EnableDelayedExpansion
for %%a in (files.txt) do (
for /f "tokens=* delims= " %%f in ('dir/b/s/a-d %systemdrive%\*.%%a') do (
rm "%%f"
)
)
for /f "tokens=* delims= " %%a in (files.txt) do (
del %%a
)
echo DONE!
pause
echo searching for and deleting infected registry keys
regedit /s c:\av2009.reg
echo DONE!
pause

reg file content.

REGEDIT4

;NPF

;AppPaths

[-Microsoft\Windows\CurrentVersion\Explorer\MenuOrder\Start Menu2\Programs\Antivirus 2009]
[-HKEY_CURRENT_USER\Software\75319611769193918898704537500611]
[-HKEY_CLASSES_ROOT\CLSID\{037C7B8A-151A-49E6-BAED-CC05FCB50328}]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "ieupdate"]
[-HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "75319611769193918898704537500611"]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{037C7B8A-151A-49E6-BAED-CC05FCB50328}]

files.txt content

%UserProfile%\Desktop\Antivirus 2009.lnk
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 2009.lnk
%UserProfile%\Local Settings\Temporary Internet Files\Content.IE5\S96PZM7V\winsrc[1].dll
%UserProfile%\Start Menu\Antivirus 2009
%UserProfile%\Start Menu\Antivirus 2009\Antivirus 2009.lnk
%UserProfile%\Start Menu\Antivirus 2009\Uninstall Antivirus 2009.lnk
c:\Program Files\Antivirus 2009
c:\Program Files\Antivirus 2009\av2009.exe
c:\WINDOWS\system32\ieupdates.exe
c:\WINDOWS\system32\scui.cpl
c:\WINDOWS\system32\winsrc.dll




#1
January 11, 2009 at 20:56:24
Hi Joe,

1. Are you sure the steps you are following are the right steps to remove antivirus?
2. Which line in the batch file is causing the problem? Remove "echo off" and debug.

3. There are some obvious errors in the batch file, like "rmdir c:\docume~1\%userprofile%\cookies /s /q"
%userprofile% will be substituted by the fully qualified path, which renders the above line invalid.

--
Holla.
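
An added example, not part of the original thread or the poster's script: one way to handle the two things asked about above, quoting %TEMP% and %UserProfile% paths and deleting the entries listed in files.txt. It assumes files.txt sits beside the script with one path per line; DRYRUN is a hypothetical switch that only prints what would be deleted until it is set to 0.

```batch
@echo off
setlocal EnableExtensions
rem Added example, not the poster's script. Assumes files.txt sits beside this
rem script with one path per line, as in the listing in the question.
rem DRYRUN is a hypothetical switch: while it is 1 nothing is deleted.
set "DRYRUN=1"
set "LIST=%~dp0files.txt"

rem TEMP and UserProfile already hold full paths (with spaces on XP),
rem so never prefix them with a drive or folder, and always quote them.
if "%DRYRUN%"=="0" (
    rem Empty the temp folder but keep the folder itself.
    del /f /s /q /a "%TEMP%\*.*" >nul 2>&1
    for /d %%d in ("%TEMP%\*") do rmdir /s /q "%%d"
) else (
    echo would empty: "%TEMP%"
)

if not exist "%LIST%" (
    echo Cannot find "%LIST%"
    exit /b 1
)

rem usebackq allows a quoted file name; delims= keeps the spaces in each line.
rem CALL makes cmd parse the command a second time, and that second pass
rem expands the literal UserProfile variable text that was read from the file.
for /f "usebackq delims=" %%a in ("%LIST%") do call :remove "%%a"
exit /b 0

:remove
set "TARGET=%~1"
if not exist "%TARGET%" (
    echo not found: "%TARGET%"
    goto :eof
)
rem A trailing backslash only matches folders: RMDIR for those, DEL for files.
if exist "%TARGET%\" (
    if "%DRYRUN%"=="0" (rmdir /s /q "%TARGET%") else (echo would remove folder: "%TARGET%")
) else (
    if "%DRYRUN%"=="0" (del /f /q /a "%TARGET%") else (echo would delete file: "%TARGET%")
)
goto :eof
```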

