Computer Tips -Tech Info



« | »

How to Remove AntiAdd | AntiAdd Removal Guide

AntiAdd is a rogue antivirus application. It is installed via trojans that claim to be video codec or flash player updates and then once installed on the system it will claim to be scanning your computer and discovering all sorts of viral infected files. In addition to this it may popup warnings about supposed security threats and will claim that it cannot fix the problems unless you purchase the software. AntiAdd is essentially just out to get your money and should be removed. Read on for how to remove AntiAdd.


For removal of antiadd you may wish to start with the control panel and visit the add/remove programs area and attempt an uninstall of antiadd. If this works, great! Follow it up with a scan of something like malwarebytes antimalware, or superantispyware and a scan with a trusted antivirus (housecall from trendmicro or avg/avira/etc.) You should really do this to make sure you have cleaned up all the leftovers from this rogue.

You should block the following web site:

antiadd.com

That should protect you from future reinfections.

Next go ahead and download malwarebytes antimalware from the link on the virus removal toolkit page. While you are there you may also wish to download process explorer as you may make use of it later in the process.

If you are unable to install, update and run malwarebytes antimalware you may try the following tricks. 1) rename the installer from mbam-setup.exe to something else (iexplore.exe maybe). Then retry the install, update and scan. 2) reboot into safe mode (with networking) and retry the install, update and scan. 3) continue with the next step which is to terminate the processes associated with antiadd and then retry the install.

The following processes should be killed off using the task manager (ctrl-alt-del or right click the task bar and choose task manager.) If the task manager doesn’t launch. 1) copy and paste the program for task manager to the desktop and then rename it to something else (from taskmgr.exe to firefox.exe for instance.) 2) reboot into safe mode and see if the processes listed are running. 3) use process explorer instead of task manager to kill off the following programs:

456zdownloader2989.exe
AntiAdd.exe
uninstall.exe

There may be some ranomized component to the filenames so make sure to use what you see on your system in addition to the patterns above and filenames listed below to determine which programs should be killed off.

The following files and folders should be deleted to manually remove antiadd:

%docs%All UsersDesktopAntiAdd.lnk
%docs%All UsersStart MenuProgramsAntiAdd
%docs%All UsersStart MenuProgramsAntiAdd1 AntiAdd.lnk
%docs%All UsersStart MenuProgramsAntiAdd2 Homepage.lnk
%docs%All UsersStart MenuProgramsAntiAdd3 Uninstall.lnk
%progfiles%AntiAdd Software
%progfiles%AntiAdd SoftwareAntiAdd
%progfiles%AntiAdd SoftwareAntiAddAntiAdd.exe
%progfiles%AntiAdd SoftwareAntiAdduninstall.exe
%win%10069z9ambot521.bin
%win%101355o9-a-vzrus2e0.cpl
%win%10300tr5j29bz.cpl
%win%system324469steal51z5.ocx
%win%system32455cs9arsez238.ocx
%win%system32456zdownloader2989.exe
%tmp%.exe

After you have removed the above I would still go back and scan the drive with malwarebytes and or superantispyware to make sure you have completed your removal of antiadd. Then follow up with a scan from a trusted antivirus product. (Norton/McAfee/TrendMicro/AVG/etc.etc.etc.)

Related Posts

Blog Traffic Exchange Related Posts Blog Traffic Exchange Related Websites
www.pdf24.org    Send article as PDF   

Posted by on December 2, 2009.

Tags: , , , , , , , , , , ,

Categories: antivirus, malware, Rogue Security Software

« | »




Recent Posts


Pages



Switch to our desktop site