How to Remove the MS Removal Tool
The MS Removal Tool is a fake antivirus malware application that will infect your system when executed. MS Removal Tool is a variant of Win32/Winwebsec. Like other Win32/Winwebsec rogue anti-spyware programs, MS Removal Tool displays fake security alerts and scan results in attempt to deceive you into thinking your computer is infected.
If your computer is infected with this malware, you may see a MS Removal Tool window immediately after booting up your computer.
Consequently, the MS Removal Tool will prevent you from accessing your desktop and will not allow you to launch certain programs, such as Internet Explorer. Furthermore, you can’t start Task Manager.
The following instructions may help you remove the MS Removal Tool from your system. WARNING: Proceed at your own risk. You can cause further damage to your computer if you’re not certain how to perform these steps. If you’re in doubt, please seek professional technical assistance.
Safe Mode
By utilizing the command prompt, locate the affected directories:
In Windows XP, these directories will usually be located within the Application Data folder in Documents and Settings. Perform the following to access this directory:
In Windows Vista and Windows 7, perform the following tasks in command prompt:
Type cd c:\ProgramData\ and press the Enter. Type dir and press the Enter. Type cd c:\Users\All Users\ and press the Enter. Type dir and press the Enter. For every random name you identify, type rd /s /q (random name), and then press the Enter key. Replace (random name) with the 18 character name. Type reg delete hkcu\software\microsoft\windows\currentversion\runonce /v (random name) /f, and then press Enter. Finally, reboot your computer.
You can prevent from becoming infected from the MS Removal Tool by performing the following:
By performing these tasks, you lessen your chances from becoming infected from the MS Removal Tool.
The MS Removal Tool is a fake antivirus malware application that will infect your system when executed. MS Removal Tool is a variant of Win32/Winwebsec. Like other Win32/Winwebsec rogue anti-spyware programs, MS Removal Tool displays fake security alerts and scan results in attempt to deceive you into thinking your computer is infected.
If your computer is infected with this malware, you may see a MS Removal Tool window immediately after booting up your computer.
Consequently, the MS Removal Tool will prevent you from accessing your desktop and will not allow you to launch certain programs, such as Internet Explorer. Furthermore, you can’t start Task Manager.
The following instructions may help you remove the MS Removal Tool from your system. WARNING: Proceed at your own risk. You can cause further damage to your computer if you’re not certain how to perform these steps. If you’re in doubt, please seek professional technical assistance.
Safe Mode
- Boot your computer into Safe Mode. You can do this in Windows by pressing and holding the F8 key while your system is booting up. After holding the F8 key, you should be prompted to a Windows Advanced Options menu. Scroll to Safe Mode with your arrow keys and press the Enter key.
- Once you’re in Safe Mode, click the Start button and click Run.
- Type cmd and click OK to access the command prompt window.
By utilizing the command prompt, locate the affected directories:
In Windows XP, these directories will usually be located within the Application Data folder in Documents and Settings. Perform the following to access this directory:
- Type: cd c:\Documents and Settings\All Users\Application Data\ and press the Enter key.
- Type dir and press Enter. You will now see a list of directories. The MS Removal Tool creates directories with random names that contain 18 characters.
- For every random name you identify, type rd /s /q (random name), and then press the Enter key. Replace (random name) with the 18 character name.
- Type reg delete hkcu\software\microsoft\windows\currentversion\runonce /v (random name) /f, and then press Enter.
- Finally, reboot your computer.
In Windows Vista and Windows 7, perform the following tasks in command prompt:
You can prevent from becoming infected from the MS Removal Tool by performing the following:
- Install the latest updates for all your software -- Outdated software applications are vulnerable to attacks. Cybercriminals can exploit a known vulnerability, such as “back doors,” and inject malicious code. Keeping all of your software applications patched with the latest updates is critical in securing your computer from malware attacks.
- Always keep your operating system updated -- Keeping your operating system updated helps protect against the latest system vulnerabilities. Malware targets these vulnerabilities, and without the latest updates, your system will be unable to fight off the latest malware attacks. You should configure your system to perform automatic updates to ensure your system is operating with the latest patches.
- Enable your computer’s firewall -- Firewalls monitor the network and are capable of blocking suspicious traffic. You can enable the Microsoft Windows Internet Connection Firewall for your computer.
- Use a reliable antivirus application -- Most antivirus applications can detect malware such as Live Security Platinum. Configure your antivirus software to routinely check for updates. If your antivirus software does not contain the latest signature files, it will be rendered useless against new malware threats.
- Don’t download pirated software -- Pirated software is often infected with malware.
- Use caution when opening email attachments -- Use extreme caution when handling emails and attachments you receive from unknown sources.
By performing these tasks, you lessen your chances from becoming infected from the MS Removal Tool.
Source...