MyPCHealthMS Removal Tool– Fake Antivirus/Spyware Program
Ms remvoal Tool is a fake anti spyware program that is designed to make you pay for what you think is a piece of software that will rid your computer of viruses and spyware. In fact what it’s actually doing is the following:
- Stops you from running any executable files on your computer including programs like office, antivirus installers and even programs like Microsoft paint!
- It shows false infection and error messages to make you think your system is infected
- Constantly pops up with its fake messages
- It may create pop-ups and re-direct your browser.
- There is no uninstallation process, so cannot be uninstalled.
This is one of a family of fake anti spyware programs of which there are many here are a few variations:
- AntiVirus Live 2010
- Advanced Security Tool 2010.
- Home Personal Antivirus
- IE-Security, Security Central
- System Tool
- Win PC Defender
- Win PC Antivirus
- XP Deluxe Protector
- XP Police Antivirus
Automatic removal guide of MS Removal Tool
If the automatic removal guide does not remove the infection try the manual guide below.
- Once the desktop has loaded download RKill to stop the process thats causing it to load. - if its preventing getting on the internet or other issues. Download Rkill from another computer and tranfer it via memory stick or portable harddisk.
- Once the process has been stopped you can download malwarebytes. Install this anti spyware software. Run a full scan and allow it to remove any infections found.
- Reboot the computer and see if its removed.
Manual Ms Removal Tool Removal guide
The Ms Removal Tool program manifests itself in a random form. This means that the executable it uses will be made up of random characters
The program can be found in the following directories and will contain random characters:
- Load computer into safe mode by pressing f8 on startup and selecting safe mode from the menu.
- Find where the software is installed by locating its executable file :
Windows XP
- C:\Documents and Settings\All Users\Application Data\<randomcharacters>]\<randomcharacters>.exe
- C:\Documents and Settings\<user name>\Local Settings\Application Data\<randomcharacters>.exe
- C:\Documents and Settings\all users\Local Settings\Application Data\<randomcharacters>.exe
Windows Vista and 7
- C:\ProgramData\<randomcharcters>\<randomcharacters>.exe
- C:\Users\<user name>\AppData\Local\<randomcharacters>.exe
- C:\Users\all users\\AppData\Local\<randomcharacters>.exe
- Write down file name then Delete the file.
- Open the registry by running regedit.
- Search for the file name you wrote down above.
- Delete the entry found in the "run" or "runonce" registry key.
- Reboot and it should be removed. However its still best to download malwarebytes and run a full scan to remove any remaining infected registry keys.
MS Removal Tool creates the following registry entries:
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run “[RANDOM CHARACTERS].exe”
- HKCU\Software\Microsoft\Windows\CurrentVersion\Run “[RANDOM CHARACTERS]”
- HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce\[RANDOM CHARACTERS]
Tags: Ms Removal Tool help, get rid of Ms Removal Tool, uninstall Ms Removal Tool, delete Ms Removal Tool