Windows 7 Forums
Welcome to Windows 7 Forums. Our forum is dedicated to helping you find support and solutions for any problems regarding your Windows 7 PC be it Dell, HP, Acer, Asus or a custom build. We also provide an extensive Windows 7 tutorial section that covers a wide range of tips and tricks.


Windows 7: Ms Removal Tool removed but how did I pick it up

11 Apr 2011   #1
cloa513

Windows 7 Home Premium 32 Japanese Vsersion
 
 
Ms Removal Tool removed but how did I pick it up

We had the dreaded Ms Removal Tool which blocked Internet access and constant problems. Eventually my wife (her computer doesn't let me change anything although she's a PC novice) used Safe Mode with Networking and Malwarebyte Anti-malware and removed it. But I don't know how we picked it up in the first place since it definitely wasn't there a few days ago (surreptious anti-malware scan by me) and I didn't install anything I am pretty sure. Can out of date Java let it in? Update 20 only partly due to nuisance update failure and wife wouldn't let it be fixed another way at my urging.
By the way have Win7 (japanese) with security software.


My System SpecsSystem Spec
.
11 Apr 2011   #2
marsmimar

Microsoft Community Contributor Award Recipient

 
 

Quote:
This infection is categorized as a rogue anti-spyware program. It pretends to be an anti-virus program, but is actually a program that displays fake security alerts and scan results in order to make you think your computer is infected. MS Removal Tool is installed through the use of malware that will install the program onto your computer without your knowledge or permission.
Source

Is it possible that Java 6u20 let it in? Yes. Most Java updates fix security holes. But it's also possible that you visited a website running Flash advertisements and one of those ads was the source of infection. Especially if you have an outdated Adobe Flash Player.

It's really a good idea to keep Java and Adobe updated. You can go into Control Panel > Programs and Features to uninstall the old Java before installing the latest version. Or you could use JavaRa as an alternative. If you need to uninstall Adobe Flash, use their official uninstaller to make sure all of the old Flash is removed. And if you install the latest Flash, make sure to UNcheck the free Google toolbar before installation (unless you want the toolbar.)
My System SpecsSystem Spec
11 Apr 2011   #3
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Excellent information and advice, marsmimar!

cloa513,

Java
It is important to be sure that old versions of Java are not lurking on the computer as, surprisingly, even if you are using the most recent version, old versions can indeed be called up.

You may have better luck with the off-line installation of Java. Java SE Runtime Environment (JRE) 6 Update 24 is available for download from Java SE Runtime Environment 6u24. Note: UNCHECK any pre-checked toolbar and/or software options presented with the update. They are not part of the software update and are completely optional.

Adobe Flash Player
As to Adobe Flash Player, it is important to note that it needs to be updated for not only IE but also if alternate browsers are used.

Direct download for IE: http://fpdownload.adobe.com/get/flas..._player_ax.exe
Direct Download for non-IE (Opera, Firefox etc): http://fpdownload.adobe.com/get/flas...ash_player.exe

After install, verify Flash Player version for each browser installed at About Flash Player page.

Adobe Reader
As to Adobe products, I would add that another source of infection is Adobe Reader. If you use Adobe Reader, get the latest version from PDF reader, protected mode | Adobe Reader X
My System SpecsSystem Spec
.

11 Apr 2011   #4
marsmimar

Microsoft Community Contributor Award Recipient

 
 

Thanks for the kinds words, Corrine. I've been using Nitro Reader for a long time and forgot about Adobe Reader. Appreciate the reminder and additional information.
My System SpecsSystem Spec
11 Apr 2011   #5
Corrine

Windows 7 & Windows Vista Ultimate
 
 

It was almost two years ago when I stopped using Adobe Reader, in favor of Sumatra PDF. I don't care for the dark yellow background but like the ability to use <Ctrl> + Left Mouse to select text or image and copy to clipboard.

Nitro Reader looks like an excellent substitute also, although it appears to be limited to 32-bit.
My System SpecsSystem Spec
11 Apr 2011   #6
marsmimar

Microsoft Community Contributor Award Recipient

 
 

Quote   Quote: Originally Posted by Corrine View Post
It was almost two years ago when I stopped using Adobe Reader, in favor of Sumatra PDF. I don't care for the dark yellow background but like the ability to use <Ctrl> + Left Mouse to select text or image and copy to clipboard.

Nitro Reader looks like an excellent substitute also, although it appears to be limited to 32-bit.
Not to hijack this thread ...

Nitro works great with 64-bit.

About Reader 1.4
My System SpecsSystem Spec
11 Apr 2011   #7
cloa513

Windows 7 Home Premium 32 Japanese Vsersion
 
 

Quote   Quote: Originally Posted by marsmimar View Post
Quote:
This infection is categorized as a rogue anti-spyware program. It pretends to be an anti-virus program, but is actually a program that displays fake security alerts and scan results in order to make you think your computer is infected. MS Removal Tool is installed through the use of malware that will install the program onto your computer without your knowledge or permission.
Source

Is it possible that Java 6u20 let it in? Yes. Most Java updates fix security holes. But it's also possible that you visited a website running Flash advertisements and one of those ads was the source of infection. Especially if you have an outdated Adobe Flash Player.

It's really a good idea to keep Java and Adobe updated. You can go into Control Panel > Programs and Features to uninstall the old Java before installing the latest version. Or you could use JavaRa as an alternative. If you need to uninstall Adobe Flash, use their official uninstaller to make sure all of the old Flash is removed. And if you install the latest Flash, make sure to UNcheck the free Google toolbar before installation (unless you want the toolbar.)
We fixed Java and I just did the flashplayer. Thanks all.
My System SpecsSystem Spec
11 Apr 2011   #8
Corrine

Windows 7 & Windows Vista Ultimate
 
 

Excellent! Be prepared to update Flash Player again soon. A new critical advisory was just released today. Security Advisory for Adobe Flash Player, Adobe Reader and Acrobat
My System SpecsSystem Spec
11 Apr 2011   #9
logicearth

Windows 10 Pro (x64)
 
 

Just so it is made aware of, MS Removal Tool, the malware should not be confused with Microsoft Windows Malicious Software Removal Tool, which is released once a month on Windows Update. The Microsoft Windows Malicious Software Removal Tool helps remove specific, prevalent malicious software from computers that are running Windows 7, Windows Vista, Windows Server 2003, Windows Server 2008, or Windows XP

Just FYI, extra information to the masses.
My System SpecsSystem Spec
11 Apr 2011   #10
Hopalong X

Windows7 Pro 64bit SP-1; Windows XP Pro 32bit
 
 

logicearth

Good follow up for readers.

Mike
My System SpecsSystem Spec
Reply

 Ms Removal Tool removed but how did I pick it up




Thread Tools




Similar help and support threads
Thread Forum
Safety removal tool
Good day to all. Having trouble with the safety removal tool in windows 7 home premium. Every time I connect my backup hdd then when complete the safety removal tray icon don't work,I found in google a microsoft repair for this prob.But didn't work. Any thoughts on this please. Many Thanks.
Hardware & Devices
Snipping Tool removed
Can anyone share how to re-install the snipping tool? I must have installed something that had a conflict with it and its gone now, nowhere to be found. The same happened with my right click>new>text document notepad I've tried searching the forums and a place to download and install but...
General Discussion
PC-Doctor removal tool
hi I have in Event Log of my PC with WIN 7,Prof. 64-bit, SP1 following entries: Log Name: Application Source: PC-Doctor Date: 05.02.2014 19:50:14 Event ID: 1 Task Category: None Level: Error
Software
Hardware removal icon missing from systray after Intel RST removed.
I have a P8Z77-V LK with two hot-swap bays. After a fresh install on this new system about 8 months ago I set BIOS to allow hot-swap of these two bays. Everything worked fine for a few months then I had the bright idea that, when prompted by Intel's Rapid Storage Technology to update, I would...
Hardware & Devices
MS malware removal tool
I'm curious about mrt. Does it ever get updated? Or is it just static. Appears to be useful but it could become out of date and therefore not as effective.
System Security
AV Software Removal Tool
Came across this application and though it may be useful for anyone considering changing AV provider - AV packages can be difficult to remove Available Here ... OPSWAT AppRemover, Thoroughly remove your security applications &mdash; AppRemover Site
System Security


Our Sites

Site Links

About Us

Find Us

Windows 7 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 7" and related materials are trademarks of Microsoft Corp.

Designer Media Ltd

All times are GMT -5. The time now is 06:05.
Twitter Facebook Google+ Seven Forums iOS App Seven Forums Android App