Remove AntiMalware
November 12th, 2009 | by Alex |AntiMalware Descriptions:
AntiMalware is a rogueware application, the clone of the Active Security, as well as PC Scout. As is common to most rogue applications, during the installation AntiMalware is configured to start automatically every time you boot up Windows.
In addition, the Trojans will try to remove the real anti-virus applications which can detect AntiMalware as a virus on your computer. These applications include:
- Agnitum
- avast!
- AVG
- Avira AntiVir
- BitDefender
- F-Secure
- Kaspersky
- Malwarebytes’ Anti-Malware
- NOD32
- Sophos
As soon as you boot Windows up, AntiMalware starts its scans from the very beginning. Of course, it detects a bunch of infections on your computer. However, the only way to remove these viruses is to buy the program.
Be careful and do not trust this application. AntiMalware is a fake and malicious software designed to steal your money.
Follow our site and learn how to get rid of this malware.
Download SpyHunter* Spyware Detection Utility
Manual AntiMalware Removal Instructions:
Stop These AntiMalware Processes:
(Learn how to do this)
antimalware.exe
uninstall.exe
Find and Delete These AntiMalware Files:
(Learn how to do this)
c:\Program Files\AntiMalware\antimalware.exe
c:\Program Files\AntiMalware\help.ico
c:\Program Files\AntiMalware\malw.db
c:\Program Files\AntiMalware\uninstall.exe
c:\Documents and Settings\All Users\Desktop\AntiMalware Support.lnk
c:\Documents and Settings\All Users\Desktop\AntiMalware.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware Support.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware.lnk
c:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\Uninstall AntiMalware.lnk
%Temp%\4otjesjty.mof
%Temp%\c.dat
Remove These AntiMalware Registry Values:
(Learn how to do this)
HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “AntiMalware”
HKEY_LOCAL_MACHINE\SOFTWARE\Active Security
HKEY_LOCAL_MACHINE\SOFTWARE\AntiMalware
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiMalware
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved “{5E2121EE-0300-11D4-8D3B-444553540000}”
Download SpyHunter* Spyware Detection Utility
6 Responses to “Remove AntiMalware”
By GURUxp on Nov 15, 2009 | Reply
Thanks for these, for real!
I think I ended up with a ‘variant’ of one of these that popped up a dialog which looked EXACTLY like the Windows Security Center. But a click anywhere in it tried to install more garbage malware. I did remove it, but don’t know how. Either going to XP Service Pack 3, or Microsoft’s ‘removal tool’ did it.
Thanks again for these useful tools!
John
By Marc on Dec 3, 2009 | Reply
After doing these steps the program keeps popping up trying to reinstall over and over and can’t be found or stopped. Please post where this originates as msconfig, file system, and registry entries are have been deleted properly, yet this keeps coming up saying its found a virus and needs to be installed.
By Beros on Dec 14, 2009 | Reply
Marc, I had the same, after performing all the removal steps above there was still every 2 minutes popping up a note on (fake) virus contamination or other malicious things. I then googled on the processes and as a result also deleted richtx64.exe and wscsvc32.exe which I found in the temp directory of my current user. After this the popups ended but I have no clue if any other dangerous processes from the rouge AntiMalware contamination still is active.
By ben on Dec 15, 2009 | Reply
ok, after doin everything above and deleting other various files, i still couldnt get rid of the program cuase it was still running and still got pops ups. here is what worked for me: unfortunally i couldnt find the exact temp folder that i found this file under again, but i would try scaning for it. wscsvc32 i dragged this file to my desktop, than rite clicked/rename i added .doc to the file name. restarted my computer, and was delighted to not see the prgram running, i than went to search, once again, and typed in ANTIMALWARE, than i waas FINALLY able to delete the program. i hope this helps. p.s. after i deleted everything that this site told me to, antimalware was gone from my add/remove programs list, and removed from my start/programs menu. but stil was on the computor, just something to keep in mind. good luck
By John on Dec 18, 2009 | Reply
I toiled with this rogue too.
The uninitiated should know that %Temp% equates to the path – Users\<m/c name\AppData\Local\Temp. This is where I found 4otjesjty.mof and c.dat.
But the most important one to get rid of is wscsvc32.exe – which was in the same place!
By Sherri on Dec 22, 2009 | Reply
I can’t find some of the above listed. I can’t find uninstall.exe, for example, and more than 1/2 of the registry keys. It won’t let me launch iexplore except to porno.com and viagra, so I can’t download a scrubber. Please advise!