How can I remove the MS Removal Tool malware from Windwos XP if it doesn’t let me boot into Safe Mode?

Gary May 12, 2011
Pinterest Stumbleupon Whatsapp

My computer will not boot to Safe Mode in Windows XP. I have malware “MS Removal Tool” and I can’t even get to a DOS prompt, search will not find the malware files, the malware closes task manager, and will not let me execute most utilities. Help, I don’t want to have to buy a new hard drive.

Ads by Google

  1. Anonymous
    May 13, 2011 at 7:38 am

    If taskmanager cannot work then try Autorun
    Autoruns for Windows v10.07
    http://technet.microsoft.com/en-us/sysinternals/bb963902.aspx

     Have you tried to download and use ClamWIn
    http://www.clamwin.com/
    You can download on other pc then use a usb key for transfert to your pc.

    Otherwise there are some bootcd
    there is BartPE with Clamwin:
    http://oss.netfarm.it/winpe/

    Trinity Rescue Kit – A Bootable Anti Malware, Virus Rescue CD
    http://trinityhome.org/Home/index.php?wpid=1&front_id=12

    delete those that are associated with “MS Removal Tool
    %AppData%[random]
    %AppData%[random][random].exe
    HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionRunOnce “[random]”
    c:Documents and SettingsAll UsersApplication Data[random][random]
    c:Documents and SettingsAll UsersApplication Data[random][random].exe
    c:UsersAll UsersAppDataRoaming[random][random]
    c:UsersAll UsersAppDataRoaming[random][random].exe

  2. Tina
    May 13, 2011 at 7:37 am

    Gary,

    how are you trying to access Safe Mode and what happens?

    The easiest way to boot into Safe Mode is to click the trigger key (usually F8) while the computer is booting. Since the malware is not running at that point, it should not be able to interfere.

    Anyways, you are in luck, Bleeping Computer has a detailed guide on how to get rid of MS Removal Tool: http://www.bleepingcomputer.com/virus-removal/remove-ms-removal-tool

    Please let us know whether it worked for you and in case it didn't, where you got stuck.