MS Removal Tool is a false security client. These kinds of scams are nothing new and this client has actually been around for a while under the name of System Tool. Like most fake security clients, this one likes to make it so a user can not open most programs and even highjacks your desktop and browser. To remove MS Removal Tool you can follow out guide written below. We should also give props to this remove MS Removal Tool Guide from removevirus.org. They even created a few videos to help others out.
PCTechGuide.com recommends you run a scan using Stopzilla
How to Remove MS Removal Tool
Step 1. You first need to stop the MS Removal Tool process from running. To do this we need to either delete or re-name the main executable for MS Removal Tool. MS Removal Tool uses unique file names on each computer it infects so the .exe file will be named differently then any other computer infected with MS Removal Tool. However the file names will be similar to the below and the paths should be accurate. You need to browse down to the correct file path and re-name / delete the file. It does help to be in safe mode.
Windows XP:
- C:\Documents and Settings\All Users\Application Data\[random]\[random].exe
- New Path C:\Documents and Settings\USER NAME\Local Settings\Application Data
Windows Vista/7:
- C:\ProgramData\[random characters ]\[random characters].exe
- New Path C:\Users\USER NAME\AppData\Local
If you find the above too hard to do we recommend you hire out a pro to help you remove this virus from your computer. http://www.pcninja.com is our recommendation. They are cheap in price and based in California. They will be able to remote into your computer and fully remove all the viruses on it for under a hundred bucks.
Step 2. One you have deleted or re-named the above process you now need to run a virus scan. We recommend downloading the free trial of Stopzilla Here. Do not skip running a full antivirus scan. You may use any antivirus client you like but in our testing the SDA client is one of the better anti-virus clients out there so that is what we recommend. Please keep in mind that the free trial of Stopzilla will not remove threats it finds. However it will show you the exact file paths and file names so you can manually delete them. It will also block threats from running so you can remove the viruses.
Step 3. You now need to clean out the registry. It’s strongly recommended that you simply use an antivirus client to do this and not do it manually. Always backup your registry before doing any work.
Here are the traces you need to remove or edit in the registry
KEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce “[random]”
You are done. Your computer should now be free of MS Removal Tool.
If you require the assistance of a pro you should use the http://www.pcninja.com services. We also recommend you use Stopzilla so you do not get infected again and to help remove MS Removal Tool from your computer.