MS Removal Tool 2.20

Posted: April 23, 2011

MS Removal Tool 2.20 Description

Despite the connotations in its name, MS Removal Tool 2.20 is completely unrelated to the Microsoft brand and is, in fact, a clone of rogue security programs like System Tool. The external appearance of an anti-virus and general system security program only furthers MS Removal Tool 2.20's aims by giving it an excuse to flood you with fake infection messages and constantly redirect your browser to a registration key purchase page, If your PC falls victim to MS Removal Tool 2.20 (a new version of MS Removal Tool) you should try to delete MS Removal Tool 2.20 as soon as you can, since rogue programs in the MS Removal Tool 2.20 family will ruthlessly hijack your browser and attack security programs.

MS Removal Tool 2.20: Cowering Under the MS Brand to Do Its Dirty Deeds

Distribution of MS Removal Tool 2.20 is currently limited to hostile websites that try to pass it off as a genuine security tool or a codec update for a movie viewer. Actually downloading MS Removal Tool 2.20 isn't always necessary to get infected by it, since rogue threats in MS Removal Tool 2.20's subgroup are sometimes distributed by trojans that don't ask for permission before invading your PC. MS Removal Tool 2.20 is best thought of as the successor to System Tool, but it also bears a strong resemblance to System Tool 2011, System Tool 2.20 and System Security.

One of the first things MS Removal Tool 2.20 infections will do is change your Registry to let MS Removal Tool 2.20 run whenever Windows starts. After this, you'll start to see errors like the following:

MS Removal Tool 2.20 Warning
Your PC is infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
Click here to activate protection.

Warning: Your computer is infected
Windows has detected spyware infection!
Click this message to install the last update of Windows security software...

Security Monitor: WARNING!
Attention: System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk. To get rid of unwanted spyware and keep your computer safe you need to update your current security software.
CLick Yes to download official intrusion detection system (IDS software).

MS Removal Tool 2.20 Warning
Intercepting programs that may compromise your private and harm your system have been detected on your PC.
Click here to remove them immediately with MS Removal Tool 2.20.

MS Removal Tool 2.20 uses these false alerts to make you think that the best thing for your computer is to purchase a MS Removal Tool 2.20 registration key to remove these threats. However, MS Removal Tool 2.20 can't detect real threats - all of these infections, such as the 'TrojanSPM/LX,' are fake. If you're experiencing other serious problems with your PC, it's because MS Removal Tool 2.20 is causing them!

The Right Way to Remove MS Removal Tool 2.20

Even if you're determined to remove MS Removal Tool 2.20, this is easier said than done. MS Removal Tool 2.20's other attacks on your PC, as seen below, will make it more difficult to download and run the required anti-malware software:

  • MS Removal Tool 2.20 may alter your browser to use a proxy server. This lets MS Removal Tool 2.20 redirect you from any site of its choosing (especially search engine results) to malicious websites. MS Removal Tool 2.20 will also use this to block you from visiting safe websites - you may see unusual errors or warnings that try to cover up MS Removal Tool 2.20's behavior.
  • MS Removal Tool 2.20 can shut down a wide range of applications. If you're unlucky, you may find almost every program on your PC unusable, but MS Removal Tool 2.20 may also limit itself to simply blocking security-related applications such as virus scanners.

Rebooting into Safe Mode is known to prevent MS Removal Tool 2.20-related threats from interfering with the infected computer's operations in most cases. It's recommended that you run any scans from this mode to be sure that deleting MS Removal Tool 2.20 has the best chance of working. Having your scanner updated before you run it is also important, since MS Removal Tool 2.20 isn't very old and may not be listed on threat definition files that aren't fully up to date.

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].bat
    2 %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].cfg
    3 %AppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe
    4 %CommonAppData%\[RANDOM CHARACTERS]
    5 %CommonAppData%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe

Additional Information on MS Removal Tool 2.20

  • The following messages's were detected:
    # Message
    1 Warning: Your computer is infected
    Windows has detected spyware infection!
    Click this message to install the last update of Windows security software...
    2 Security Monitor: WARNING!
    Attention: System detected a potential hazard (TrojanSPM/LX) on your computer that may infect executable files. Your private information and PC safety is at risk. To get rid of unwanted spyware and keep your computer safe you need to update your current security software.
    CLick Yes to download official intrusion detection system (IDS software).
    3 MS Removal Tool 2.20 Warning
    Intercepting programs that may compromise your private and harm your system have been detected on your PC.
    Click here to remove them immediately with MS Removal Tool 2.20.
    4 MS Removal Tool 2.20 Warning
    Your PC is infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details.
    Click here to activate protection.

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to MS Removal Tool 2.20 may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.