AntiMalware is the latest rogue anti-malware program from the CoreGuard Antivirus 2009 rogue family. AntiMalware is a clone of the infamous Active Security fake security application. Like its predecessors, AntiMalware will try to uninstall legitimate anti-virus programs from your computer. Here is the list of applications the installer tries to remove:
• Agnitum
• avast!
• AVG
• Avira AntiVir
• BitDefender
• F-Secure
• Kaspersky
• Malwarebytes' Anti-Malware
• NOD32
• Sophos
Once installed, AntiMalware is configured to start automatically at every boot. While running, AntiMalware constantly performs full system scans and lists a variety of infections that cannot be removed until you purchase the licensed version. It is important to note that the names of the listed threats are real, but the threats do not actually exist on your computer. That is why all of AntiMalware's scan reports must be ignored. AntiMalware also generates numerous fake security alerts and pop-ups. As you can see, AntiMalware is a rogue antispyware application that must be removed as soon as possible. We advise you to use the removal guide below or an automatic removal tool.
Type: Rogue Anti-Spyware
Malware Author: Unknown
Threat Level: Critical
How to remove AntiMalware manually:
It's possible to remove AntiMalware manually, but you have to be very experienced in dealing with registry entries, program files and .dll files.
The files to be deleted:
c:\Program Files\AntiMalware
c:\Program Files\AntiMalware\amext.dll
c:\Program Files\AntiMalware\antimalware.exe
c:\Program Files\AntiMalware\help.ico
c:\Program Files\AntiMalware\malw.db
c:\Program Files\AntiMalware\uninstall.exe
c:\Documents and Settings\All Users\Desktop\AntiMalware Support.lnk
c:\Documents and Settings\All Users\Desktop\AntiMalware.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware Support.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\Uninstall AntiMalware.lnk
%Temp%\4otjesjty.mof
%Temp%\c.dat
Remove registry entries:
HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_LOCAL_MACHINE\SOFTWARE\Active Security
HKEY_LOCAL_MACHINE\SOFTWARE\AntiMalware
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiMalware
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AntiMalware"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{5E2121EE-0300-11D4-8D3B-444553540000}"
Please be careful, because manual removal of AntiMalware may seriously damage the operating system and sensitive data. There is also a high chance of incomplete removal, because some files could be hidden and the program could re-install itself after you delete the files and registry entries. We therefore strongly recommend that you use an automatic removal tool.
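Before deleting anything, it helps to see which of the files and registry entries listed above are actually present, including hidden ones. The following PowerShell script is an added example, not part of the original guide: it only reads and reports, and it assumes PowerShell is available and that the paths are exactly as listed above (%Temp% is resolved for the current user only).

```powershell
# Read-only check: reports which artifacts from this guide exist. Deletes nothing.
$clsid    = '{5E2121EE-0300-11D4-8D3B-444553540000}'
$allUsers = 'C:\Documents and Settings\All Users'   # path as given in the guide

# Folders and single files named in the guide
$paths = @(
    'C:\Program Files\AntiMalware',
    "$allUsers\Start Menu\Programs\AntiMalware",
    "$allUsers\Desktop\AntiMalware Support.lnk",
    "$allUsers\Desktop\AntiMalware.lnk",
    "$env:TEMP\4otjesjty.mof",
    "$env:TEMP\c.dat"
)

# Registry entries where the whole key belongs to the rogue
$keys = @(
    "Registry::HKEY_CLASSES_ROOT\CLSID\$clsid",
    'HKLM:\SOFTWARE\Active Security',
    'HKLM:\SOFTWARE\AntiMalware',
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiMalware'
)

# Registry entries where only one named value belongs to the rogue (the key itself is shared)
$values = @(
    @{ Key = 'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'; Name = 'AntiMalware' },
    @{ Key = 'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved'; Name = $clsid }
)

$found = @()
foreach ($p in $paths) {
    if (Test-Path -LiteralPath $p) {
        $found += "PATH  $p"
        if (Test-Path -LiteralPath $p -PathType Container) {
            # -Force includes hidden and system items that Explorer may not show
            $found += Get-ChildItem -LiteralPath $p -Recurse -Force |
                ForEach-Object { "PATH  $($_.FullName)" }
        }
    }
}
foreach ($k in $keys) {
    if (Test-Path -LiteralPath $k) { $found += "KEY   $k" }
}
foreach ($v in $values) {
    $prop = Get-ItemProperty -LiteralPath $v.Key -Name $v.Name -ErrorAction SilentlyContinue
    if ($prop) { $found += "VALUE $($v.Key) -> $($v.Name) = $($prop.($v.Name))" }
}

if ($found) { $found } else { 'No AntiMalware artifacts from this list were found.' }
```

Running it again after cleanup and a reboot shows whether any entry has come back.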