Sign in to follow this  
Christian Mairoll

Malware Destructor 2011 Adware Removal Instructions

Recommended Posts

The Emsisoft malware research team has discoverd a new outbreak of the Malware Destructor 2011 adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.MalwareDestructor2011.

Malware Destructor 2011 is a rogue security program. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase.

Create new files:

  • %UserProfile%Application Data6983533E412C69351CEA9FFACDD9B48CKB8472063.exe
  • %UserProfile%Application Data6983533E412C69351CEA9FFACDD9B48Clocal.ini
  • %UserProfile%Application Data6983533E412C69351CEA9FFACDD9B48Cenemies-names.txt
  • %UserProfile%Application DataMicrosoftInternet ExplorerQuick LaunchMalware Destructor.lnk
  • %UserProfile%DesktopMalware Destructor.lnk
  • %UserProfile%Start MenuMalware Destructor.lnk
  • %UserProfile%Start MenuProgramsMalware DestructorMalware Destructor.lnk
  • %UserProfile%Start MenuProgramsMalware DestructorUninstall.lnk
  • %UserProfile%Start MenuProgramsStartupMalware Destructor.lnk

Create registry entries:

  • HKEY_CURRENT_USERsoftwareMalware Destructor IncMalware Destructor
    (SZ) datarl1 = KRoAGVdOQx8EChElF00dAQ==
    (SZ) datarl2 = KRoAGVdOQwQOABEnBwYXBFwiLw==
    (SZ) datarlA = KRoAGVdOQx8EChElF00dAQ==
    (SZ) install_time = 9/9/2010 2:28:17 AM
    (SZ) database_version = 243
    (SZ) virus_signatures = 63616
    (SZ) affid = 7080010100
    (SZ) coid = 6983533E412C69351CEA9FFACDD9B48C
    (SZ) nsaftscann = 1
    (SZ) nsa = 1
    (SZ) nsaftscanunp = 1
  • HKEY_CURRENT_USERsoftwareMalware Destructor IncMalware Destructor 2011
    (SZ) coid = 6983533E412C69351CEA9FFACDD9B48C
  • HKEY_CURRENT_USERsoftwareMicrosoftWindowsCurrentVersionRun
    (SZ) KB8472063.exe = %UserProfile%Application Data6983533E412C69351CEA9FFACDD9B48CKB8472063.exe
  • HKEY_CURRENT_USERsoftwareMicrosoftWindowsCurrentVersionUninstallMalware Destructor
    (SZ) DisplayIcon = %UserProfile%Application Data6983533E412C69351CEA9FFACDD9B48CKB8472063.exe,0
    (SZ) DisplayName = Malware Destructor
    (SZ) UninstallString = %UserProfile%Application Data6983533E412C69351CEA9FFACDD9B48CKB8472063.exe /uninstall
    (SZ) InstallLocation = %UserProfile%Application Data6983533E412C69351CEA9FFACDD9B48C
    (DWORD) NoModify = 0×00000001 (1)
    (DWORD) NoRepair = 0×00000001 (1)

Screenshots:

Adware.Win32.MalwareDestructor2011_1-400

Adware.Win32.MalwareDestructor2011_2-400

Adware.Win32.MalwareDestructor2011_3-400

Adware.Win32.MalwareDestructor2011_4-400

Adware.Win32.MalwareDestructor2011_5-400

Adware.Win32.MalwareDestructor2011_6-400

Adware.Win32.MalwareDestructor2011_7-400

How to remove the infection of Malware Destructor 2011 (Adware.Win32.MalwareDestructor2011)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.



View the full article

Share this post


Link to post
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

Sign in to follow this  

  • Recently Browsing   0 members

    No registered users viewing this page.