Manually Deleting the MS Removal Tool Virus

**Theodore** · 2011-05-30 10:23

Could anyone give me a step by step set of actions to entirely delete the following Virus:

MS Removal Took

Thank you for any help ...

Theodore...

I am running under Vista Home Premium

**satrow** · 2011-05-30 10:36

I'd use Process Explorer and Autoruns to trace, suspend/kill and block it from starting. Then reboot and run A/V and Mbam to clear out any remnants. How 'manual' do you want to be?

Malwarebytes has some details on how it works, as do many other security websites.

**CLiNT** · 2011-05-30 18:32

http://www.bleepingcomputer.com/viru...s-removal-tool

**Deadeye81** · 2011-05-31 10:24

Moderator Note: This thread was moved to the appropriate Forum, Security & Backups.
Deadeye81
Forum Moderator Staff

**rick98382** · 2011-06-02 17:16

I just manually removed the MS Removal Tool Malware manually. The following link has the procedure for XP and Vista. There are also downloadable fixes to run, but I chose the manual method. I booted into Safe Mode, with network connections. I used regedit to delete the registry files that the malware installed. I downloaded unhide.exe and ran it from a the command prompt utility. (go to Start, Run and type cmd). I imagine Malwarebytes and SuperAntiSpyware would take care of the rogue registry entries as well. Check this site out for specific instruction.

http://www.pcrisk.com/removal-guides...ista-recovery-

Thread: Manually Deleting the MS Removal Tool Virus

Thread Tools