MS Removal Tool
The pretty pink menace has struck again: MS Removal Tool is the latest version of some especially ugly fake security software that has been scamming PC users out of their money. MS Removal Tool is nothing more than an attempt to drive you to pay for a bogus program, by scaring you into thinking that your computer is infected with tons of malware. Please don't fall for it!
Although MS Removal Tool is only the latest name for this malware, its previous names have not been as easily confused with real anti-virus products. There is a program called Microsoft Windows Malicious Software Removal Tool that is a real, useful anti-malware application. MS Removal Tool has no affiliation with Microsoft, and its name is not a shortened form of the name of their legitimate security program.
However, aside from its claims to be a Microsoft product, there is almost nothing remotely realistic or normal about MS Removal Tool. MS Removal Tool has a bubblegum-pink interface, all of its messages and warnings are in really mangled English, and it changes the desktop wallpaper to a crazy, ranting paragraph about how "Your're in danger" because everything you've ever done is supposedly saved forever on your computer and is accessible to every single person or entity that might matter to you at all ever, and it could "break your life." (The claims that the wallpaper warning makes are false, so don't sweat it – and that "break your life" bit is downright laughable!) Of course, even if you don't fall for it and believe the sparkly pink MS Removal Tool to be real security software, MS Removal Tool will still seriously disable your computer and prevent you from using it.
Signs of a MS Removal Tool Infection
MS Removal Tool will configure itself to start when Windows starts, which means that every time you start Windows in its normal mode, you will see the MS Removal Tool interface. The interface exists in order to run some scan animations in order to simulate a scan of your computer, although MS Removal Tool can't, and doesn't, actually scan for anything. You can't skip past the fake scan, so you have to wait through it, and at the end, the result is always the same – MS Removal Tool will present you with a long list of "results," containing names for up to thirty different threats that it claims to have detected. MS Removal Tool will then tell you that the only way to remove these threats is to "activate" your copy of MS Removal Tool by paying for a license. There's even a payment page where you can enter your credit card information, if you feel inclined to follow all of MS Removal Tool's suggestions and prompts. However, because the entire thing is a scam, there aren't any licenses to be had, and you won't get anything for the huge chunk of money that you pay.
Even assuming that you don't fall for the fake scan, and you make it to the desktop, that doesn't mean that MS Removal Tool will stop pestering you for money. On the contrary, MS Removal Tool will start creating warnings and alert messages, which will say very vague things about how MS Removal Tool has detected that your PC is not properly secured. You'll see pop-ups that remind you to "activate" your anti-virus program, in order to remove various unspecified threats, and these pop-ups will lead you right to the bogus payment page if you follow them.
The fake scans and security alerts are only the scare-tactics component of MS Removal Tool's attack. MS Removal Tool also does a few things in the name of self-preservation, to keep you from deleting it. It will disable your anti-virus software, along with your other programs, even including Task Manager. You won't be able to kill MS Removal Tool's processes with Task Manager, and you won't be able to uninstall it with the Control Panel. Furthermore, MS Removal Tool may prevent you from going for help online, by causing your browser to redirect you to one of the MS Removal Tool sites whenever you try to access anything on the Internet.
How Did MS Removal Tool Wind Up on Your Computer in the First Place?
So, you probably don't remember asking for MS Removal Tool or downloading it, right? That's because MS Removal Tool relies on a Trojan in order to get into your computer. The Trojan is hidden in something that you are tricked into downloading, usually because it looks so harmless and normal. The most common hiding spots are fake video codec updates, program updates downloaded from third-party websites, and files downloaded from freeware or pirating sites. The Trojan that supports MS Removal Tool may also be promoted by spam email attachments, or through malicious links that lead to drive-by-download sites. In any case, once you have been tricked into downloading the Trojan (because Trojans can't copy themselves or spread on their own), it drops the files that are necessary to run the MS Removal Tool rogue anti-virus software.
Believe it or not, this crazy pink program is not the first one in this malware family; there have been several other fake security applications that are essentially the same malware under a different name. Most recently, there was System Removal, although the malware currently being called MS Removal Tool has been around since at least 2009. Some other mutations of this same malware are Windows Smart Security, Total Security, Total Security 2009, Total Security 4.52, System Tool, System Tool 2011, PC Tool 2011, and System Security. There has been a marked increase in the infection rate with malware from this family since the beginning of 2011.
Twitter Trend on MS Removal Tool
Snapshot of Search Volume for MS Removal Tool
SpyHunter Detects & Remove MS Removal Tool
MS Removal Tool Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
Tip: We recommend blocking the domain names as well as the IP addresses associated
The following URL's were found: