The simple question, “What are the rogue antivirus applications?” can field a range of answers, all of which are correct. The most common answer though is that rogue (or fake) antispyware software is the application that is promoted by the usage of Trojans and fake system scans strategy. It can get inside your machine while you are visiting different misleading websites or even MySpace, Face Book, YouTube etc. After been settled down on your PC AntiTroy starts its nasty job at once. First of all, after rebooting your system, AntiTroy is going to run misleading system scan. It is stated to be faked because all the threats AntiTroy shows were made up by the badware itself. All those malicious files are only the tool of influence. It does none of bad, but it makes you feel scared about your PC and makes the user start search for help immediately. That is why AntiTroy will offer you to visit its official website and purchase the registered license, either way you will not be able to remove the threats. This is the way AntiTroy tricks you and steals your money. Another action it will commit is blocking the access to all security related websites in order to prevent badware’s detection. So, if you want to visit any Internet address it doesn’t mean that you could do that, especially if AntiTroy is working inside your computer. All in all, AntiTroy is very unwanted application that only pretends to be security software but indeed it is nothing more but very dangerous rogue antispyware that must be removed from the computer right after detection.
Type: Rogue Anti-Spyware
Malware Author: Unknown
Threat Level: Critical
Screenshot:
How to remove AntiTroy manually:
It's possible to remove AntiTroy manually, but you have to be very experienced in dealing with registry entries, program files and .dll files.
The files to be deleted:
%Documents and Settings%\All Users\Desktop\AntiTroy.lnk
%Documents and Settings%\All Users\Start Menu\Programs\AntiTroy
%Documents and Settings%\All Users\Start Menu\Programs\AntiTroy\1 AntiTroy.lnk
%Documents and Settings%\All Users\Start Menu\Programs\AntiTroy\2 Homepage.lnk
%Documents and Settings%\All Users\Start Menu\Programs\AntiTroy\3 Uninstall.lnk
%Program Files%\AntiTroy Software
%Program Files%\AntiTroy Software\AntiTroy
%Program Files%\AntiTroy Software\AntiTroy\AntiTroy.exe
%Program Files%\AntiTroy Software\AntiTroy\main_config.xml
%Program Files%\AntiTroy Software\AntiTroy\uninstall.exe
%WINDOWS%\1009stea525z1.dll
%WINDOWS%\1018zhr5at19497.ocx
%WINDOWS%\101z5hie92236.ocx
%WINDOWS%\system32\1853worz2f19.bin
%WINDOWS%\system32\18f0addwaze5917.ocx
%WINDOWS%\system32\194z45py6b9.ocx
%WINDOWS%\system32\[random numbers].exe
Remove registry entries:
HKEY_CURRENT_USER\Software\AntiTroy
HKEY_LOCAL_MACHINE\SOFTWARE\AntiTroy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiTroy
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AntiTroy.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[random numbers].exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “AntiTroy”
HKEY_LOCAL_MACHINE\SOFTWARE\AntiTroy
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiTroy
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AntiTroy.exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “[random numbers].exe”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run “AntiTroy”
Please be careful because manual removal of AntiTroy may seriously damage operational system and sensitive data. Also there is a big possibility of incomplete removal, because some files could be hidden and program could re-install itself after you delete files and registry entries. So we strongly recommend you to use automatical removal tool.
No comments:
Post a Comment