Anti-Malware Lab

Anti-Malware Lab Description

Type: Rogue AntiSpyware Programs

Are you getting alerts from Anti-Malware Lab? Don't be tricked, Anti-Malware Lab is a not a real security application. It is a kind of program known as a rogue anti-malware application. These kinds of programs pretend to be genuine anti-malware utilities to trick you into buying them. Specifically, Anti-Malware Lab's interface is designed to mimic the interface for a typical Windows Security scanner. Anti-Malware Lab takes over your computer, to make you think it has a malware infection. Then, it will prompt you to buy Anti-Malware Lab to get rid of the supposed infection. Don't fall for it; Anti-Malware Lab is nothing but a scam.

How Anti-Malware Lab Enters Your Computer

Surprisingly, it is often the victims themselves that download rogue anti-virus applications like Anti-Malware Lab. This kind of attack is known as social engineering. In these cases, hackers try to target typical human behaviors to deliver harmful software. Apart from directly downloading and installing Anti-Malware Lab, this program is also delivered by a Trojan. The most common Trojan associated with Anti-Malware Lab is the Zlob Trojan. Trojans like these take advantage of security vulnerabilities to deliver their harmful payload. Common sources for a Zlob Trojan infection include:

  • Websites that exploit vulnerabilities in Flash and JavaScript.
  • Fake video codec downloads.
  • Trojans disguised as popular downloads on file sharing networks.

Clones and Trojans Associated with Anti-Malware Lab

There are several rogue anti-spyware programs associated with Anti-Malware Lab. Many are direct clones from Anti-malware Lab family, the FakeVimes or have many similarities. Some of the most prominent Anti-Malware Lab clones are Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.

The Trojan family most closely related to Anti-Malware Lab is the Zlob family of Trojans. Anti-Malware Lab will often report up to two dozen different Trojan infections on the computer Anti-Malware Lab is attacking. Typical Trojans reported by Anti-Malware Lab include:

You should disregard these warnings completely; the real threat is Anti-Malware Lab. You should also remember that you should never delete any files reported by Anti-Malware Lab as infected. At best, these files are completely harmless. In the worst case, they may be essential system files; deleting them may cause irreparable damage to your operating system.

Special Steps to Remove Anti-Malware Lab from Your Computer

Often, Anti-Malware Lab will not make it easy for you to remove Anti-Malware Lab. Use a legitimate anti-malware tool to remove Anti-Malware Lab. Start up Windows in Safe Mode to prevent Anti-Malware Lab from starting up when you log into your account. You can also use the registration code U2FD-S2LA-H4KA-UEPB to stop Anti-Malware Lab from displaying Anti-Malware Lab's fake alerts. Keep in mind that this doesn't remove the threat from your computer, it just stops some of Anti-Malware Lab's annoying pop-up alerts.

Technical Information

File System Details

Anti-Malware Lab creates the following file(s):
# File Name MD5 Detection Count
1 %CommonAppData%\[random]\[random].ocx N/A
2 %CommonAppData%\[random]\[random].dll N/A
3 %CommonAppData%\[random]\[random].exe N/A
4 %CommonAppData%\[random]\[random] N/A
5 %AppData%\Anti-Malware Lab\Instructions.ini N/A
6 %CommonAppData%\[random]\[random].mof N/A
7 %AppData%\Anti-Malware Lab\cookies.sqlite N/A
8 %CommonAppData%\[random] N/A
9 %AppData%\Anti-Malware Lab N/A
10 b1e3d1680706a84630752865c948b451 b1e3d1680706a84630752865c948b451 0

Registry Details

Anti-Malware Lab creates the following registry entry or registry entries:
File name without path
Anti-Malware Lab.lnk
RegistryKey
HKCU\Software\Microsoft\Windows\CurrentVersion\Run "Anti-Malware Lab"
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1"
HKCU\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options "Debugger" = "svchost.exe"

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.