Anti-Malware Lab

Are you getting alerts from Anti-Malware Lab? Don't be tricked, Anti-Malware Lab is a not a real security application. It is a kind of program known as a rogue anti-malware application. These kinds of programs pretend to be genuine anti-malware utilities to trick you into buying them. Specifically, Anti-Malware Lab's interface is designed to mimic the interface for a typical Windows Security scanner. Anti-Malware Lab takes over your computer, to make you think it has a malware infection. Then, it will prompt you to buy Anti-Malware Lab to get rid of the supposed infection. Don't fall for it; Anti-Malware Lab is nothing but a scam.

How Anti-Malware Lab Enters Your Computer

Surprisingly, it is often the victims themselves that download rogue anti-virus applications like Anti-Malware Lab. This kind of attack is known as social engineering. In these cases, hackers try to target typical human behaviors to deliver harmful software. Apart from directly downloading and installing Anti-Malware Lab, this program is also delivered by a Trojan. The most common Trojan associated with Anti-Malware Lab is the Zlob Trojan. Trojans like these take advantage of security vulnerabilities to deliver their harmful payload. Common sources for a Zlob Trojan infection include:

  • Websites that exploit vulnerabilities in Flash and JavaScript.
  • Fake video codec downloads.
  • Trojans disguised as popular downloads on file sharing networks.

Clones and Trojans Associated with Anti-Malware Lab

There are several rogue anti-spyware programs associated with Anti-Malware Lab. Many are direct clones from Anti-malware Lab family, the FakeVimes or have many similarities. Some of the most prominent Anti-Malware Lab clones are Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.

The Trojan family most closely related to Anti-Malware Lab is the Zlob family of Trojans. Anti-Malware Lab will often report up to two dozen different Trojan infections on the computer Anti-Malware Lab is attacking. Typical Trojans reported by Anti-Malware Lab include:

You should disregard these warnings completely; the real threat is Anti-Malware Lab. You should also remember that you should never delete any files reported by Anti-Malware Lab as infected. At best, these files are completely harmless. In the worst case, they may be essential system files; deleting them may cause irreparable damage to your operating system.

Special Steps to Remove Anti-Malware Lab from Your Computer

Often, Anti-Malware Lab will not make it easy for you to remove Anti-Malware Lab. Use a legitimate anti-malware tool to remove Anti-Malware Lab. Start up Windows in Safe Mode to prevent Anti-Malware Lab from starting up when you log into your account. You can also use the registration code U2FD-S2LA-H4KA-UEPB to stop Anti-Malware Lab from displaying Anti-Malware Lab's fake alerts. Keep in mind that this doesn't remove the threat from your computer, it just stops some of Anti-Malware Lab's annoying pop-up alerts.

SpyHunter Detects & Remove Anti-Malware Lab

File System Details

Anti-Malware Lab may create the following file(s):
# File Name MD5 Detections
1. %CommonAppData%\[random]\[random].ocx
2. %CommonAppData%\[random]\[random].dll
3. %CommonAppData%\[random]\[random].exe
4. %CommonAppData%\[random]\[random]
5. %AppData%\Anti-Malware Lab\Instructions.ini
6. %CommonAppData%\[random]\[random].mof
7. %AppData%\Anti-Malware Lab\cookies.sqlite
8. %CommonAppData%\[random]
9. %AppData%\Anti-Malware Lab
10. b1e3d1680706a84630752865c948b451 b1e3d1680706a84630752865c948b451 0

Registry Details

Anti-Malware Lab may create the following registry entry or registry entries:
File name without path
Anti-Malware Lab.lnk
HKCU\Software\Microsoft\Windows\CurrentVersion\Run "Anti-Malware Lab"
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http="
HKCU\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options "Debugger" = "svchost.exe"


Most Viewed