Computer Tips -Tech Info

AntiTroy is a rogue antivirus application that is usually installed through trojans that are masquerading as a video codec update or flash player update. It usually installs without the computer users permission and will complain about many security issues with your pc. It will claim that there are virus infected files that should be removed and of course, it couldn’t possibly fix the problems until you pay for their software. This is essentially a scam to separate you from your money and you should read on for how to remove antitroy.

First you may wish to visit the control panel and use the add/remove programs dialog to see if you can uninstall antitroy. If that works, GREAT! Now, download a tool such as malwarebytes antimalware or superantispyware and do an update and scan with one of those as well as a follow up scan with AVG/Avira or another trusted antivirus application such as housecall from trendmicro or McAfee or Norton.

You can download malwarebytes antimalware from my virus removal toolkit page. While you’re there you may also wish to download process explorer as you may need it further in the removal process.

If you are unable to install malwarebytes antimalware you may try the following tricks to help get it installed. 1) rename the installer from mbam-setup.exe to something like firefox.exe and retry the install, update and scan. 2) reboot into safe mode (with networking) and retry the install/update and scan. 3) Go to the next step which will be killing off the running processes associated with AntiTroy and then retry your install of malwarebytes (without rebooting.)

The following processes should be killed off using the task manager. If the task manager does not launch you may try the following: 1) copy the executable file for the task manager (taskmgr.exe) and paste it to the desktop. Once there rename it to something like iexplore.exe and launch this renamed program to kill off the processes. 2) reboot into safe mode and see if the processes are running. 3) Use process explorer instead to kill off the following programs:

AntiTroy.exe
RANDOM.exe

The above files have a randomization component to them – it may be mostly numbers – use the file locations you see listed below as well as the information you find on your system to determine which processes to terminate.

The following files and folders should be deleted for a full manual removal of antitroy:

%docs%All UsersDesktopAntiTroy.lnk
%docs%All UsersStart MenuProgramsAntiTroy
%docs%All UsersStart MenuProgramsAntiTroy1 AntiTroy.lnk
%docs%All UsersStart MenuProgramsAntiTroy2 Homepage.lnk
%docs%All UsersStart MenuProgramsAntiTroy3 Uninstall.lnk
%progfiles%AntiTroy Software
%progfiles%AntiTroy SoftwareAntiTroy
%progfiles%AntiTroy SoftwareAntiTroyAntiTroy.exe
%progfiles%AntiTroy SoftwareAntiTroymain_config.xml
%progfiles%AntiTroy SoftwareAntiTroyuninstall.exe
%win%1009stea525z1.dll
%win%1018zhr5at19497.ocx
%win%101z5hie92236.ocx
%win%system321853worz2f19.bin
%win%system3218f0addwaze5917.ocx
%win%system32194z45py6b9.ocx
%win%system32RANDOM.exe

After this you should have completed your removal of antitroy. Follow up with a full scan of your system with superantispyware or malwarebytes antimalware. Then follow THAT up with a scan with a trusted antivirus product….. f-prot – antivir/avg/mcafee/norton/trendmicro/etc.

Popularity: 1% [?]

   Send article as PDF   

• How to Remove ProtectPCs | ProtectPCs Removal Guide ProtectPCs is a rogue antivirus application from the Wini family of rogues. It will push itself through claims of it being a video codec update or flash player update. Usually these appear on a site that shows up in the search results for whatever latest greatest sought after video clip......
• How to Remove Malware Professional 2010 | Malware Professional 2010 Removal Guide Malware Professional 2010 is a rogue security application. It is not a trusted malware removal utility and I hope users won't be fooled by their claims of problem on their system that it claims only can be removed if you pay for their software. Unfortunately many users may be tricked......
• Remove SaveDefender | SaveDefender Removal SaveDefender is somewhat related to SafetyKeeper in look and feel which mimics the look and feel of the Windows Security Center (which is legitimate.) Safetykeeper creates multiple files on your machine that it later scans and claims are infected with viruses, trojans or other malware. It then scans and claims......

• Must Have Blogging Tools Blogging has developed a serious place for itself in the internet community for many different purposes including personal use and business uses. As a result, it has evolved into becoming a truly essential tool for people who want to build communications, deliver up to date news and information and otherwise......
• How to Choose the Best Coin Collection Software Coin collecting is something which has been happening for over 200 years. There are collectors which have written many different books to help other collectors understand the different things to look out for when buying and selling coins. These books have been treasured by all those who are getting started......
• What Is A Cloud Virtual Server Solution And How Will It Work? In recent years, cloud computing has seen more and more use. It offers new options for storing files and using the web and serves the base for many a social networking site. Internet use and communication have become much easier with the use of a cloud virtual server. The name......

Similar Posts

• How to Remove TrustSoldier | Trust Soldier Removal Guide
• How to Remove Cyber Protection Center | Removal Guide
• How to Remove AntiMalware | Antimalware Removal Guide
• How to Remove ReAnti | ReAnti Removal Guide
• How to Remove LinkSafeness | LinkSafeness Removal Guide

This entry was posted on Thursday, December 10th, 2009 at 5:59 pm and is filed under antivirus, malware, Rogue Security Software. You can follow any responses to this entry through the RSS 2.0 feed. Responses are currently closed, but you can trackback from your own site.