AntiMalware is a virus that in disguise. It is endorse as a program that will help protect the computer from Trojans and viruses. Definitely, it is not the real intention of this pretentious malware. AntiMalware rogue security application continuously displays different virus warning on the computer to get users attention. Then it will redirect them to own web site and pushes to purchase the registered version of AntiMalware fake program. Aside from that, AntiMalware virus will pretend as a firewall that will effectively reject network security attack.

By providing these kinds of activities once inside the system, there is an assurance that this unwanted application can win the trust of computer users. Moreover, there is a big chance that AntiMalware virus will attain its goal – that is to have users pay for the licensed version.

What’s more devastating about this fake program is its ability to remove certain legitimate security programs. AntiMalware virus also tries to connect on a remote website and further infect the computer by downloading additional threats. This move also strengthens its presence and imparts more damages It will disable Task Manager, Control Panel and Registry Editor which will make it difficult for ordinary users to remove AntiMalware virus.

Damage Level: Low

Systems Affected: Windows

Screenshot Image:

AntiMalware Virus

Additional Information:

“AntiMalware Network Security Alert” pop-up messages will constantly appear on computer who got infected with an AntiMalware virus. This will pretend as a firewall alert warning with the following message:

AntiMalware Network Security Alert
Network attack rejected!
Your computer is being attacked from remote host. Attack has been classified as Remote code execution attempt.
Attack from

AntiMalware Network Security Alert

Other than network security alert, this malware will pop-up fake syste tray messages that shows warnings like these:





It monitors the system for presence of the following security programs and remove if it exists.
Agnitum, Avast!, AVG, Avira AntiVir, BitDefender, F-Secure, Kaspersky, Malwarebytes’ Anti-Malware, NOD32, Sophos

How to Remove AntiMalware

Automatic Removal of Security Sphere 2012 Using Malwarebytes' Anti-Malware

In order to completely remove the threat, click here to download and run Malwarebytes Anti-Malware. Sometimes, Trojans will block the downloading and installation of MBAM. If this happens, download it from a clean computer and rename the executable file before executing on the infected machine.

Alternative Removal Method for AntiMalware

Option 1 : Use Windows System Restore to return Windows to previous state

If AntiMalware enters the computer, there is a big chance that Windows files, registry entries and other essential components are also infected. System Restore can reinstate clean system files by restoring the configuration to an earlier date. The method also replaces compromised files with a clean version. If you have a saved restore point before AntiMalware infiltrates the PC, we highly encourage you to execute this procedure if none of the above works. You may proceed with Windows System Restore, click here to see the full procedure.

Option 2 : AntiMalware manual uninstall guide

IMPORTANT! Manual removal of AntiMalware requires technical skills. Deleting system files and registry entries by mistake may result to total disability of Windows system. We advise you to perform a backup of registry before proceeding with this guide.

1. Kill any running process that belongs to AntiMalware.
- Press Ctrl+Alt+Del on your keyboard.
- When Windows Task Manager appears, look for AntiMalware files (refer to Technical Reference) and click End Process.

End Task

2. Delete all registry entries that belong to this malware.
- Press [Windows Key]+R on your keyboard.
- In the 'Open' dialog box, type regedit and press Enter. This will open registry editor.
- Find and delete registry entries as mentioned in Technical Reference section below.
- Close registry editor. Changes made will be save automatically.

Run Regedit

3. Scan the computer with antivirus program.
- Connect to Internet and open your antivirus software. Please update to obtain the latest database and necessary files.
- Restart the computer in Safe Mode.
- Just before Windows logo begins to load press F8 on your keyboard.
- On Windows Advanced Boot Options, select Safe Mode and press Enter.

4. Delete all files dropped by AntiMalware.
- While still in Safe Mode, search and delete malicious files. Please refer to 'Technical Reference'. Make sure that you execute 'End Task' first before deleting the file. Otherwise, the system will not let you perform this action.

C:\Program Files\AntiMalware\amext.dll C:\Program Files\AntiMalware\antimalware.exe C:\Program Files\AntiMalware\help.ico C:\Program Files\AntiMalware\malw.db C:\Program Files\AntiMalware\uninstall.exe C:\Documents and Settings\All Users\Desktop\AntiMalware Support.lnk C:\Documents and Settings\All Users\Desktop\AntiMalware.lnk C:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware C:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware Support.lnk C:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\AntiMalware.lnk C:\Documents and Settings\All Users\Start Menu\Programs\AntiMalware\Uninstall AntiMalware.lnk %Temp%\6yhnjuis.mof %Temp%\c.dat HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "AntiMalware" HKEY_CLASSES_ROOT\CLSID\{5E2121EE-0300-11D4-8D3B-444553540000} HKEY_LOCAL_MACHINE\SOFTWARE\Active Security HKEY_LOCAL_MACHINE\SOFTWARE\AntiMalware HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AntiMalware HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Shell Extensions\Approved "{5E2121EE-0300-11D4-8D3B-444553540000}"

4 Responses

  1. Giorgio T. says:

    -Spybot Search and Destroy

    It took a long while in order to get rid of these viruses (7hours)…

  2. Dawn Anderson says:

    the problem with this Virus Program is that it is now fine tuned enough to shut down your Fire wall, and all your legitimate programs that pertain to virus, malware, and other infections. I tried to turn them back on and Antimalware would not allow it. Every time you close one pop up window in this program, another pops up. I even tried to uncheck the setting that allows it to open when windows starts to no avail. This monster showed up on my 13 yr. old granddaughter’s computer. I finally gave up and wiped the hard drive, and started over, so she has a fresh install.
    Anything I tried to do to uninstall or get rid of this infection was in vain. Her computer is clean now, and she is more careful to update her IOBIT 360 and her microsoft security essentials and her Advanced System Care programs.

  3. Zac says:

    I need help I have one of these viruses on my gateway 2005 media center edition computer, and it says its damaged a bunch of stuff on my computer

  4. Rockingham I.T. Solutions says:

    A good free program to use is Malaware Bytes. Download, install, update ( as free it does not keep itself up to date ), if virus wont let you install then install in safe mode with networking ( on boot up press F8 key ). Safe mode with networking allows you to do updates of Malawarebytes.

    Run a few scans in safe mode and when the majority have been removed then run in normal mode.

    When it reports cant find anymore do full scan to make sure then update your own virus software and do full scan.

    Expect the whole lot to take about 6-7 hours to make sure it is really gone !

Leave a Reply

Your email address will not be published. Required fields are marked *