MS Removal Tool

(I’m using Windows XP SP3 with everything else nice and up to date)

This virus stomped right through all my defenses like I was wide open with no protection. Avast never saw it until I used “Process Explorer” to shut down the evil .exe and then tracked down the folder it was in and had Avast scan it directly. (I am a seasoned PC user and I never download or run unknown exe files. This snuck in somehow without me agreeing to it or seeing it.)

My process:

Sigh. I can’t CTRL-ALT-DLT once it starts up and this version doesn’t stick out like a sore thumb (like it used to) Avast can’t find it now or in Safe Mode. Spybot Search & Destroy can’t find it. Nothing shows up in MSCONFIG in safe mode. Ack, stupid.

So, I downloaded and ran “Process Explorer” and found the exe running under explorer.

Process Explorer: http://docs.google.com/uc?id=0B7pJ7yI2AU6jYmJiNDcwNjgtNDBmOC00ZDI1LTljMDAtZTI3MjU4ZDVmNzJk&export=download&hl=en

Killed it, now trying to scan and remove it.

The .exe is located here:
C:\Documents and Settings\All Users\Application Data\aN06509LlMpP06509


http://www.spyware-experts.com/ms-removal-tool-removal/?gclid=CLuJ-rD7zqgCFQQbKgodJ1DThg

What does MS Removal Tool do?

Once installed, MS Removal Tool can:

*Steal your passwords, credit card numbers and personal information.
*Block you from running Windows Task Manager
*Block you from running executable files
*Trick you into purchasing illegitimate software by simulating detection of infections.
*Hijack your web browser by blocking access to websites of legitimate software vendors.
*Affect the performance of your computer so much so that it may render it inoperable.
*Selectively disable parts of your system to prevent you from uninstalling it.
*Prevent legitimate spyware and virus removers from running
*Disable automatic system software updates
*Install additional spyware or viruses onto your computer