cara menangani ms removal tool (Anti Spyware Palsu)

 

Hati-hati dalam memakai anti spyware, banyak anti spyware yang dapat menyerang balik komputer seperti MS Removal Tool bekerja seperti anti Spyware sebenarnya, dan memiliki interface atau tampilan seperti program antimalware GO, Windows Power Expansion, System Tool 2011, dan lainnya. Cara kerja MS Removal Tool ini sangat apik. Biasanya, setelah anda menginstall Aplikasi MS REMOVAL TOOL ini, program akan mengeluarkan pesan peringatan yang memberitahukan bahwa komputer terinfeksi spyware, padahal sebenarnya MS Removal Tool - Anti Spyware Palsu ini tidak dapat mendeteksi dan menghapus trojan atau spyware apapun.

Jika komputer anda menampilkan pesan berikut, bisa dipastikan komputer anda telah tersisipi trojan dari MS REMOVAL TOOL :

1. "MS Removal Tool Warning
   Intercepting programs that may compromise your private and harm your system have been detected on your PC. Click here to remove them immediately with MS Removal Tool."

2. "MS Removal Tool Warning
   Your PC is infected with dangerous viruses. Activate antivirus protection to prevent data loss and avoid the theft of your credit card details. Click here to activate protection."

3. "MS Removal Tool
   Some critical system files of your computer were modified by malicious program. It may cause system instability and data loss."

Cara Menghapus atau Remove MS Removal Tool - Anti Spyware Palsu :

1. Masuk Kedalam Windows Safe Mode With Network Connection.
2. Jika anda terkoneksi internet, Download Aplikasi Anti Spyware asli seperti Spyware Hunter, Malwarebytes dan sebagainya.
3. Install aplikasi Anti Spyware yang baru di download tadi.
4. Scan Computer anda dengan Anti Spyware tersebut.
5. Jika cara tersebut tidak ampuh, coba restore setting computer anda ke waktu sebelum MS Removal Tool - Anti Spyware Palsu di install. 

Cara Manual Menghapus MS Removal Tool :
Masuk Kedalam SafeMode, kemudian masuk ke registry Editor (Regedit)
Cari key-key berikut kemudian hapus :

• HKCU/Software/Microsof/Windows/CurrentVersion/Run/"[nama acak]. Exe"
• HKCU/Software/Microsoft/Windows/CurrentVersion/Run/"[nama acak]"
• HKCU/Software/Microsoft/Windows/CurrentVersion/Policies/Association/"LowRiskFileTypes" = '/{hq: /s s:/ogn: / uyu: /dyd:/ cu: /BNL: /ble: / sdf: / lrh: / iul: / iulm: / FhG: / clq: / kqf: / `wh: / lqf: / lqdf: / lnw: / lq2: / l2t: / v` w: / RBS: '
• HKCU/Software/Microsoft/Windows/CurrentVersion/Policies/Attachment/"SaveZoneInformation" = '1 '
• HKCU/Software/Microsoft/Internet Explorer/Download/"CheckExeSignatures" = 'no'
• HKCU/Software/Microsoft/Internet Explorer/Main/"UseFormSuggest" = 'yes'
• HKCU/Software/Microsoft/Windows/CurrentVersion/Internet Settings/"WarnonBadCertRecving" = '0 '
• HKCU/Software/Microsoft/Windows/CurrentVersion/Policies/System/"DisableTaskMgr" = '1 '

Cari File-file Berikut kemudian Hapus
Win XP/2000 : C:/Documents and Settings/All Users/Application Data/[nama acak].exe
misal : j85fFkgrx29kv.exe

Win 7/Vista : C:/ProgramData/[nama acak].exe
misal : j85fFkgrx29kv.exe

Liat videonya 
download For XP 
dan For Vista&win7

Pass : apa_aja_boleh 



Kalo Ga Bisa Juga Coba Download Tool dari Microsoft 
Download Disini