Antimalware - Proven Antivirus Protection

Antimalware - Proven Antivirus Protection Description

Type: Adware

Antimalware - Proven Antivirus Protection is a rogue security program that is used to steal money from inexperienced computer users. Rogue security software like Antimalware - Proven Antivirus Protection are used to carry out a well known scam, tricking inexperienced computer users into believing that they need to pay for an expensive, fake security program. If Antimalware - Proven Antivirus Protection is installed on your computer, Antimalware - Proven Antivirus Protection should be removed using a real security application to restore the affected computer to normal.

How Antimalware - Proven Antivirus Protection is Used by Cybercriminals

Fake security programs like Antimalware - Proven Antivirus Protection are among the most common types of online scams. Antimalware - Proven Antivirus Protection another member of the WinWeb Security family makes damaging changes to your computer's settings, preventing computer users from accessing their files and causing a large number of problems deliberately in order to trick computer users into believing that there are viruses and Trojans present on the infected computer. The main goal of the Antimalware - Proven Antivirus Protection as well as of its many clones is to make computer users believe that they need to purchase an expensive, 'licensed' version of Antimalware - Proven Antivirus Protection. There are several ways in which Antimalware - Proven Antivirus Protection carries out its scam and tricks inexperienced computer users, including the following tactics:

  • Antimalware - Proven Antivirus Protection runs a fake scan of the infected computer, claiming that there are numerous infections regardless of the actual state of the infected computer.
  • Antimalware - Proven Antivirus Protection pesters computer users with numerous fake error messages and irritating bogus alerts. These fake error messages are used to prevent computer users from accessing websites and applications related to computer security.
  • Antimalware - Proven Antivirus Protection will often interfere with the affected computer's Internet connection in order to protect itself from removal. Other techniques used to protect Antimalware - Proven Antivirus Protection from removal include blocking access to legitimate security programs and even blocking executable files in general from being opened.
  • Antimalware - Proven Antivirus Protection deliberately causes problems on the affected computer to reinforce the idea that the infected computer is riddled with threats. For example, a computer on which Antimalware - Proven Antivirus Protection is installed will often crash and freeze, and may display many similar performance problems.

Among the many clones of Antimalware - Proven Antivirus Protection are System Security, Antivirus Security, Total Security 2009, Security Tool, Trojan.RogueAV.a.gen, System Adware Scanner 2010, FakeAlert-KW.e, Advanced Security Tool 2010, System Tool 2011, Security Shield, MS Removal Tool, Total Security, System Security 2011, Essential Cleaner, Security Shield Pro 2011, Personal Shield Pro, Security Shield 2011, Security Sphere 2012, Advanced PC Shield 2012, Futurro Antivirus.

Technical Information

File System Details

Antimalware - Proven Antivirus Protection creates the following file(s):
# File Name Detection Count
1 %Temp%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe N/A
2 %Temp%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].dat N/A
3 %Temp%\[RANDOM CHARACTERS] N/A

Registry Details

Antimalware - Proven Antivirus Protection creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\[RANDOM CHARACTERS]
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = "%Temp%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe -r "%1" %*"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "EnabledV9" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyOverride" = ""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyEnable" = 1
HKEY_CLASSES_ROOT\.key
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\LinksBar "Enabled" = 0
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter "Enabled" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = 1
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "CheckExeSignatures" = "no"
HKEY_CLASSES_ROOT\.key "(Default)" = "regfile"
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = 1
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" ="%Temp%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe -r "%1" %*"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".exe"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1:48738"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]" = "%Temp%\[RANDOM CHARACTERS]\[RANDOM CHARACTERS].exe"

More Details on Antimalware - Proven Antivirus Protection

The following messages associated with Antimalware - Proven Antivirus Protection were found:
Antimalware Alert
Infiltration Alert
Your computer is be attacked by an internet virus. It could be password-stealing attack, a trojan-dropper or similar.
Internet Explorer Warning - Visiting this web site may harm your computer!

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.