Lancia Motor Club Forum Banner
28 March, 2024, 07:32:57 PM *
Welcome, Guest. Please login or register.

Login with username, password and session length
News: Need to contact the Forum Administrator? e-mail forum.admin@lanciamc.co.uk, for Database Administrator e-mail database.admin@lanciamc.co.uk      -      Copy deadline for Viva Lancia is 12th of each month.      -      For Events e-mail events@lanciamc.co.uk      -      To Join the club go to http://www.lanciamc.co.uk/join.htm
 
   Home   Help Search Calendar Register  
Pages: [1]   Go Down
  Print  
Author Topic: Warning, MS Removal Tool Scam, Don't Pay  (Read 4264 times)
0 Members and 1 Guest are viewing this topic.
fay66
Permanent resident
**
Posts: 6189



« on: 03 April, 2011, 08:14:27 AM »

I've just been hit with a new antispyware called "MS Removal Tool"[/color] it's so new that the the big companies haven't yet got a fix and it's got past all my antispyware. It flashes up Red warnings that look like genuine MS security warnings that says you have various problems Virues , Trojans etc, if you say yes to check, it then comes up with a page that asks you to pay to fix the problems, DO NOT PAY ANYTHING It's A SCAM.

If you put "MS Removal Tool Scam" in the search box it will come up with numerous reports and how to fix the problem, as if you try to run any programmes to remove it, it will not let you run them and a warning says can't run as infected and click to fix which everytime takes you to the payment box.
Some people have been lucky and have restarted and gone into safe mode by repeatedly pressing the F8 key while booting, and then they ran their removal programmes from there, which removes it.
But that doesn't always work, I could even get my PC to start in safe mode using this option.
So very reluctantly I went to "Spyhunter" that will run and fix it, the only problem is you have to pay about £32 which is only for 6 months, the alternative was that I took it into my PC repairers which I knew was going to cost me £80+.
So it's up to you, but whatever you do get rid of it quickly as from what I read last night it gets progressively worse, and don't pay for the MS Removal Tool.
Brian
8227 Angry
Logged

Own 1966 Fulvia 2C Berlina since 1997, back on road 11-1999.Known as "Fay"
2006 Renault Megane 1 5 Dci Sports Tourer
Dedra Technical Adviser
zagatoboy
Guest
« Reply #1 on: 04 April, 2011, 08:17:54 AM »

Brian,
Just got into work and one of the computers has got it, he can't get onto the internet to get any fixes Sad
Logged
peteracs
Administrator
Rebel Poster
*****
Posts: 896



« Reply #2 on: 04 April, 2011, 11:51:42 AM »

Hi

FYI, this gives step by step removal, fortunately a pain, but not particularly vicious malware prog.

http://www.fakealerts.com/rogue-antispyware-fake-alerts/remove-ms-removal-tool-malware-595.html

Peter
Logged

Beta Spyder S2 pre F/L 1600
Beta HPE S2 pre F/L 1600
fay66
Permanent resident
**
Posts: 6189



« Reply #3 on: 06 April, 2011, 11:00:08 PM »

Hi

FYI, this gives step by step removal, fortunately a pain, but not particularly vicious malware prog.

http://www.fakealerts.com/rogue-antispyware-fake-alerts/remove-ms-removal-tool-malware-595.html

Peter

Peter this iok if your PC will reboot in safe mode, mine wouldn't and from a lot of reports from other users this isn't uncommon, problem is it won't let you use any of your programmes that will delete it without going into safe mode, hence the reason for me coughing up for spyhunter, although I've got rid of it my active Desktop has gone into safe mode for no reason other than this that I can see, anyone know how I reactivate active desk top as it doesn't work when I click on "Reactivate Active Desktop"  certain slightly smug persons tell me I should invest in a Mac, which seems an appropriate word when you look at the cost of them, and what do I do with 15 years worth of saved photos and files etc, as I understand the Mac programme to make this possible is not as good as it's supposed to be.

Brian
8227 Cool
Logged

Own 1966 Fulvia 2C Berlina since 1997, back on road 11-1999.Known as "Fay"
2006 Renault Megane 1 5 Dci Sports Tourer
Dedra Technical Adviser
zagatoboy
Guest
« Reply #4 on: 08 April, 2011, 08:53:12 AM »

We couldn't get it to boot up, cost me £63 and we had norton 360 running, repairer said if you open it up it gets worse! Sad
Logged
fay66
Permanent resident
**
Posts: 6189



« Reply #5 on: 08 April, 2011, 08:26:36 PM »

We couldn't get it to boot up, cost me £63 and we had norton 360 running, repairer said if you open it up it gets worse! Sad
Still having a bit of trouble even though it's been removed, I've got problems with a warning about Active Desktop, and the desktop has gone white, the link to reactivate Active desk top doesn't do anything, and unless I leave it with a window open, when I come back to the PC the screen is blue and blank, and I have to use the restart button to get back in?
What I'd really like is a very sharp knife and the scrotum of the Bas-ard who let this lose  in front of me and he'd be singing in high C.

Brian
8227 Cool
Logged

Own 1966 Fulvia 2C Berlina since 1997, back on road 11-1999.Known as "Fay"
2006 Renault Megane 1 5 Dci Sports Tourer
Dedra Technical Adviser
nyssa7
Megaposter
*
Posts: 208



WWW
« Reply #6 on: 11 April, 2011, 08:37:11 AM »

This page might be useful (and free), its how I dealt with this today - http://www.myantispyware.com/2010/03/17/how-to-remove-xp-defender-pro-removal-guide/

I have the family machine set up with separate users so easy to go into the admin one and download, then place files on the desktop for my son. Note the link for if the malware won't run - I changed the name of the mbam.exe to explorer.exe to fool the trojan after I had used "method 2" to run fix.inf

This is the same scam as XP Defender et al, and thus the same fix works
Logged

2000 kappa coupe 20vt
1996 kappa saloon 20vt race car
the "Yntegrale"
1999 Lotus Elise S1
2016 AMG GTS

Y10 Advisor
fay66
Permanent resident
**
Posts: 6189



« Reply #7 on: 11 April, 2011, 06:48:16 PM »

Trevor,
Although I seemed to have removed it. unless I leave something up and running it eventually reverts to a plain blue screen and the only way to to get it back up is to press the restart on my tower unit.
I've also got a problem with the Active desktop as it is white and shown as disabled, but when I click on the  "Fix Problem" button, nothing happens, it's also slowed things down drastically.

Brian
8227 Cool
Logged

Own 1966 Fulvia 2C Berlina since 1997, back on road 11-1999.Known as "Fay"
2006 Renault Megane 1 5 Dci Sports Tourer
Dedra Technical Adviser
Pages: [1]   Go Up
  Print  
 
Jump to:  

Contact the Forum Administrator

LMC Forum copyright © 2007 - 2021 Lancia Motor Club Ltd

Powered by SMF 1.1.20 | SMF © 2006-2011, Simple Machines
Page created in 0.078 seconds with 21 queries.