Archive for July 21st, 2010
Anti-Malware
AntiMalware is a misleading application that reports false infections/system security threats, displays fake security alerts, uses browser hijacking and other methods to trick you into believing that your computer is infected with Trojans, Worms and other viruses.
Active Security, PC Scout and Protection System are other similar applications that are part of the same category of misleading viruses.
AntiMalware is promoted mostly through Trojans that come from fake online scanners, fake online video websites, or bundled with other malicious software. When you click on a fake banner or pop-up while surfing the Internet, you might be asked to install some application. This is one way Trojans spread. Once installed, such Trojans proceed to download and install AntiMalware.
Its main goal is to hurt your system a lot. You will be asked to purchase the full version of the program in order to protect your computer from malware. This malware only seeks to scare people about their computers' security and sell its "full" version for virus removal, thus trying to steal your money.
Clicking on a fake banner or pop-up will prompt a download. This is how Trojans usually manage to multiply. Those same Trojans will then download and install AntiMalware.
Malware of this kind is known to trick people into buying a fake registered version in order to remove the threats mentioned at the start. AntiMalware will scare you as much as it can to achieve that goal.
What Does AntiMalware Do to My Computer?
Once installed and running, AntiMalware will modify your system registry so it can start automatically on each logon or reboot.
It will then perform a fake system scan. The result is a report claiming that a high number of infections were found. You will be told they cannot be removed unless you buy the full version of AntiMalware.
The application will show the same security warnings regardless of whether your computer is free from viruses. The names used are those of real viruses.
AntiMalware has a very nasty feature: it will try to uninstall most antivirus products, such as NOD32 Antivirus, Kaspersky, AVG, BitDefender, avast!, Avira AntiVir, Sophos… from your PC. It will also block your current antivirus from working, and you will not be able to update it.
AntiMalware will also do the following:
• report that Internet Explorer is infected
• report that your computer is under attack from some remote host
• show nag screens
• display notices from the Windows Task Bar
• show many pop-ups
AntiMalware will create new desktop shortcuts and will switch your homepage. They will lead you to illegitimate web pages.
Removing AntiMalware is very important, since this malware is also able to download and install additional rogue programs onto your computer.
How to Remove AntiMalware?
If you find out your computer is infected with AntiMalware, you have to remove it. For those who are good with computers, the manual instructions are at the end.
Otherwise, your best option should be an online service called www.onlinecomputerrepair.org. This service is run by professionals. They will remove AntiMalware from your system once and for all. They charge about 89 dollars, more or less; check with them. They are cheaper and faster than your local tech guy.
Another good option I have for you is a program called Spyware Doctor with Antivirus. Install it, run it, and do a full, in-depth system scan with it. It will remove AntiMalware along with any other threats found.
AntiMalware manual removal is done the following way:
Kill Processes:
antimalware.exe
uninstall.exe
AntiMalware2009.exe
antimalwareproinstaller.exe
Delete Registry Values:
HKEY_CLASSES_ROOT\CLSID\5E2121EE-0300-11D4-8D3B-444553540000
HKEY_LOCAL_MACHINE\SOFTWARE\Active Security
HKEY_LOCAL_MACHINE\SOFTWARE\AntiMalware
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiMalware
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AntiMalware"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "5E2121EE-0300-11D4-8D3B-444553540000"
Remove Files:
c:\Program Files\AntiMalware\amext.dll
c:\Program Files\AntiMalware\antimalware.exe
c:\Program Files\AntiMalware\help.ico
c:\Program Files\AntiMalware\malw.db
c:\Program Files\AntiMalware\uninstall.exe
c:\Documents and Settings\All Users\Desktop\AntiMalware Support.lnk
c:\Documents and Settings\All Users\Desktop\AntiMalware.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware Support.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\Uninstall AntiMalware.lnk
%Temp%\4otjesjty.mof
%Temp%\c.dat
Delete Directories:
C:\Program Files\AntiMalware
C:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware
%Temp%
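Before deleting anything by hand, it helps to confirm which of the items above are actually present. The following read-only PowerShell check is an added example, not part of the original instructions; it assumes PowerShell 3.0 or later, and the variable names and output layout are illustrative choices. It looks for the listed process names, the named registry keys and Run value, the two AntiMalware directories, the desktop shortcuts and the two %Temp% files, and changes nothing on the system.

```powershell
# Added example: read-only audit for the AntiMalware indicators listed on this page.
# Process names are given without ".exe", as Get-Process expects.
$processNames = 'antimalware', 'uninstall', 'AntiMalware2009', 'antimalwareproinstaller'

# Registry keys from the page, addressed through the Registry provider.
$registryKeys = @(
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Active Security',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\AntiMalware',
    'Registry::HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiMalware'
)

# Autostart entry: key path plus value name.
$registryValues = @(
    @{ Key = 'Registry::HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run'; Name = 'AntiMalware' }
)

$paths = @(
    'C:\Program Files\AntiMalware',
    'C:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware',
    'C:\Documents and Settings\All Users\Desktop\AntiMalware.lnk',
    'C:\Documents and Settings\All Users\Desktop\AntiMalware Support.lnk',
    (Join-Path $env:TEMP '4otjesjty.mof'),
    (Join-Path $env:TEMP 'c.dat')
)

$findings = @(
    foreach ($name in $processNames) {
        # "uninstall" is a generic name: the Path column shows whether it runs from the AntiMalware folder.
        foreach ($p in @(Get-Process -Name $name -ErrorAction SilentlyContinue)) {
            [pscustomobject]@{ Type = 'Process'; Item = "$($p.ProcessName) (PID $($p.Id))"; Detail = $p.Path }
        }
    }
    foreach ($key in $registryKeys) {
        if (Test-Path -LiteralPath $key) {
            [pscustomobject]@{ Type = 'RegistryKey'; Item = $key; Detail = '' }
        }
    }
    foreach ($v in $registryValues) {
        $prop = Get-ItemProperty -LiteralPath $v.Key -Name $v.Name -ErrorAction SilentlyContinue
        if ($prop) {
            [pscustomobject]@{ Type = 'RegistryValue'; Item = "$($v.Key)\$($v.Name)"; Detail = $prop.($v.Name) }
        }
    }
    foreach ($path in $paths) {
        if (Test-Path -LiteralPath $path) {
            [pscustomobject]@{ Type = 'FileOrDirectory'; Item = $path; Detail = '' }
        }
    }
)

if ($findings.Count -eq 0) { 'No listed AntiMalware indicators found.' }
else { $findings | Format-Table -AutoSize -Wrap }
```

The Run value's Detail column shows the command line the autostart entry launches, which tells you where the executable actually lives before you remove it.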