Sunday, February 27, 2011

Remove AntiMalware GO virus

AntiMalware GO is a new fake antivirus software. The misleading application is a clone of Antivirus Scan malware. This malware reports false infections and displays a lot of fake security alerts in order to trick you into purchasing its so-called full version.

HijackThis shows AntiMalware GO infection:

O4 – HKCU\..\Run: [{RANDOM}] %Temp%\{RANDOM}\{RANDOM}.exe

What AntiMalware GO does

AntiMalware GO is distributed through the use of trojans that come from various misleading websites. When the trojan is started, it will install this malware. On first run, AntiMalwareGO will configure itself to start automatically when Windows loads. Next, the fake antivirus will simulate a system scan and list a lot of false infections that actually does not exist!

AntiMalware GO is a clone of AntiVira Av


AntiMalware GO will state that your computer is infected with adware, trojans, worms or malware with one purpose - to scare you into thinking that your PC in danger. Obviously, such results are a fraud, so you can freely ignore them.

While AntiMalware GO is running, it will flood your computer with fake security alert and notifications from Windows task bar. Moreover, the rogue will disable Task Manager and hijack Internet Explorer so, that it will display a misleading notification that states - "Internet Explorer Warning – visiting this web site may harm your computer!". Of course, all of these alerts and messages are a fake and like false scan results should be ignored.

Remember, AntiMalware GO is absolutely useless and what is more, even dangerous software. Most importantly, do not purchase it. Instead, please use the AntiMalware GO virus removal guide in order to remove this malware from your computer for free.

AntiMalware GO associated files and registry keys:
%Temp%\[RANDOM]\
%Temp%\[RANDOM]\[RANDOM].exe

HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter | “Enabled” = “0″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | “ProxyOverride” = “”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | “ProxyServer” = “http=127.0.0.1:32115″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings | “ProxyEnable” = “1″
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run | [RANDOM]
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run | [RANDOM]
Posted by Prog at 3:12 AM
Labels:

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)