Anti-Malware Lab
Posted: July 7, 2011
Threat Metric
The fields shown on the Threat Meter, each of which carries a specific value, are explained below:
- Threat Level: The threat level scale goes from 1 to 10, where 10 is the highest level of severity and 1 is the lowest. Each level is relative to the threat's consistently assessed behaviors, as collected by SpyHunter's risk assessment model.
- Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs, using diagnostic and scan log reports generated by SpyHunter.
- Volume Count: Similar to the detection count, the Volume Count is based specifically on the number of confirmed and suspected threats infecting systems on a daily basis. A high volume count usually indicates a popular threat, but that threat may or may not have infected a large number of systems. Threats with a high detection count could lie dormant and have a low volume count. The criteria for Volume Count are relative to a daily detection count.
- Trend Path: The Trend Path uses an up arrow, down arrow or equal symbol to represent the recent movement of a particular threat. An up arrow represents an increase, a down arrow represents a decline and the equal symbol represents no change in a threat's recent movement.
- % Impact (Last 7 Days): This shows the change, over a 7-day period, in the frequency with which a malware threat infects PCs. The percentage impact correlates directly with the current Trend Path to indicate a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 2 |
| First Seen: | July 7, 2011 |
| OS(es) Affected: | Windows |
Anti-Malware Lab is rogue security software that's closely related to previously known scamware programs. Just like its relatives, Anti-Malware Lab pretends to offer genuine security services but can only create fake infection warnings about problems that aren't on your PC in the first place. Rogue programs in the Anti-Malware Lab family may also create junk files, disable programs or take over your web browser to redirect you to hostile sites. You should remove Anti-Malware Lab by using an updated and reliable anti-virus application.
The Bitter PC Security Lies That Anti-Malware Lab Slips to You
Anti-Malware Lab is marketed by websites as an independent and powerful security program that can scan your PC for threats and even detect them spontaneously, upon occasion. In reality, Anti-Malware Lab is a clone of other malicious rogue programs like Personal Internet Security 2011, PC Security Guardian, and Best Malware Protection. Neither Anti-Malware Lab nor related rogue applications can find or delete viruses or other PC threats, and purchasing Anti-Malware Lab is an utter waste of your finances.
Anti-Malware Lab's system scans will turn up unpleasant results no matter what your computer's health happens to be, and any PC that's infected with Anti-Malware Lab will suffer through deceitful pop-ups like the following:
Warning
Warning! Virus detected
Warning! Identity theft attempt detected
Hidden connection IP: 128.154.26.11
Target: Microsoft Corporation keys
System alert
PC Security Guardian has detected potentially harmful software in your system. It is strongly recommended that you register PC Security Guardian to remove all found threats immediately.
System warning
No real-time malware, spyware and virus protection was found. Click here to activate.
ERROR MESSAGE:
Warning
Warning! Virus detected
Threat Detected: Trojans-Spy.HTML.Sunfraud.a
Further Details of Anti-Malware Lab's 'Protection Money' Scam
Anti-Malware Lab's fake errors may fool you if you're unprepared for the sophisticated extremes of Anti-Malware Lab's infection presentation scam. Anti-Malware Lab may show these error messages while blocking programs, to make it look as though the programs are being blocked for your own good. In reality, Anti-Malware Lab blocks them to make you want to purchase an Anti-Malware Lab registration key.
Another common tactic that's used by Anti-Malware Lab and similar rogue programs is to create dummy files with gibberish names. These files contain no harmful content but can be alarming when Anti-Malware Lab points at them as being infections. Of course, without Anti-Malware Lab on your PC, you wouldn't see these 'infections' appearing at all. They serve no purpose save to clutter up your hard drive and make it look as though there are more attackers on your PC besides just Anti-Malware Lab.
A last attack that Anti-Malware Lab shares with many other rogue products is the ability to hijack your web browser. Hijacks can change your homepage settings, create pop-ups, redirect you from one website to another one and create fake errors. Thankfully, using Safe Mode may allow you to disable all of Anti-Malware Lab's many attacks until you can get around to deleting Anti-Malware Lab.
Since many rogue programs, including Anti-Malware Lab, may use Trojans to install themselves onto your PC, you should be prepared to use a high-quality security program to scan your entire PC for Anti-Malware Lab and any related infections.
File System Modifications
- The following files were created in the system:
| # | File Name |
|---|---|
| 1 | %AppData%\Anti-Malware Lab |
| 2 | %AppData%\Anti-Malware Lab\cookies.sqlite |
| 3 | %AppData%\Anti-Malware Lab\Instructions.ini |
| 4 | %CommonAppData%\[random] |
| 5 | %CommonAppData%\[random]\[random] |
| 6 | %CommonAppData%\[random]\[random].dll |
| 7 | %CommonAppData%\[random]\[random].exe |
| 8 | %CommonAppData%\[random]\[random].mof |
| 9 | %CommonAppData%\[random]\[random].ocx |
Registry Modifications
- The following Registry values were newly created:
HKEY..\..\..\..{Subkeys}
HKCU\Software\Microsoft\Internet Explorer\Download "RunInvalidSignatures" = "1"
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings "ProxyServer" = "http=127.0.0.1"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run "Anti-Malware Lab"
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options "Debugger" = "svchost.exe"
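An added example, not part of the original write-up: a Python triage script that scans a `.reg` export for the four registry values listed above. The sample export, its placeholder paths and the per-program subkey under Image File Execution Options are constructed assumptions.

```python
import re

# (key-path regex, value name, test on the data) for the values listed above.
INDICATORS = [
    (r"\\Internet Explorer\\Download$", "RunInvalidSignatures",
     lambda d: d in ("1", "dword:00000001")),
    (r"\\CurrentVersion\\Internet Settings$", "ProxyServer",
     lambda d: "127.0.0.1" in d),
    (r"\\CurrentVersion\\Run$", "Anti-Malware Lab", lambda d: True),
    # Assumption: Debugger may sit in a per-program subkey of IFEO.
    (r"\\Image File Execution Options(\\[^\\]+)?$", "Debugger",
     lambda d: d.lower().endswith("svchost.exe")),
]
SECTION = re.compile(r"^\[(.+)\]$")
VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"=(.*)$')

def scan_reg_export(text):
    """Return (key, name, data) for each value that matches an indicator."""
    hits, key = [], None
    for line in map(str.strip, text.splitlines()):
        if m := SECTION.match(line):
            key = m.group(1)
        elif key and (m := VALUE.match(line)):
            name, data = m.groups()
            if len(data) >= 2 and data[0] == data[-1] == '"':
                data = data[1:-1].replace("\\\\", "\\")  # undo .reg escaping
            for key_re, want, test in INDICATORS:
                if (re.search(key_re, key, re.I)
                        and name.lower() == want.lower() and test(data)):
                    hits.append((key, name, data))
    return hits

# Constructed sample export (not from a real machine); paths are placeholders.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download]
"RunInvalidSignatures"=dword:00000001
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings]
"ProxyServer"="proxy.example.internal:8080"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Anti-Malware Lab"="C:\\ProgramData\\placeholder\\placeholder.exe"
"Updater"="C:\\Tools\\updater.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\example-tool.exe]
"Debugger"="svchost.exe"
'''

if __name__ == "__main__":
    for key, name, data in scan_reg_export(SAMPLE):
        print(f"{key}  {name} = {data}")
```

In the sample, the ordinary proxy setting and the unrelated `Updater` autorun entry are not flagged; only values matching the listed indicators are returned.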
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:
File name: b1e3d1680706a84630752865c948b451
Size: 2.42 MB (2422272 bytes)
MD5: b1e3d1680706a84630752865c948b451
Detection count: 81
Group: Malware file
Registry Modifications
File name without path: Anti-Malware Lab.lnk
I just downloaded the free version of it and it said I had 20 malicious programs, would that be true? And how do they get your internet to download it