Remove AntiMalwareSuite (Removal Instructions)

AntiMalwareSuite is a rogue security software, it is a false anti-spyware application that is generally installed in the user’s computer by dangerous trojans (such as Zlob and false video codecs), but it can also be installed manually by the victim.

Once your computer is infected with this parasite, it will immediately displays security warnings, alerts and system scans stating that your computer is heavily infected. These warnings are all false and are only displayed to make you think your computer is truly infected and that it is necessary to buy the full version of the software to remove the so-called infections.

Make sure to not fall in this scam, if your computer is infected with AntiMalwareSuite, it is recommended to remove it immediately and to scan your system with a real security software.

Symptoms of infection

  • The process bootrem.exe is running in your system
  • The process AMS.exe is running in your system
  • The process PaymentPage.exe is running in your system
  • The process InstUp.exe is running in your system
  • The process QuickInstallPack.exe is running in your system
  • Slow computer performance
  • Repeated security warnings, alerts and system scans
  • Web sites that suddenly are shown on your desktop

Malicious web sites and urls:

1
pcantimalwaresolution.com

When the program is executed, it creates the following files:

1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
%ProgramFiles%\AntiMalwareSuite
%ProgramFiles%\AntiMalwareSuite\quaratine.dat
%ProgramFiles%\AntiMalwareSuite\Activate.dat
%ProgramFiles%\AntiMalwareSuite\AMS.exe
%ProgramFiles%\AntiMalwareSuite\AMS.xml
%ProgramFiles%\AntiMalwareSuite\appupdate.dat
%ProgramFiles%\AntiMalwareSuite\AsAgents.dll
%ProgramFiles%\AntiMalwareSuite\AsAgents.xml
%ProgramFiles%\AntiMalwareSuite\atl71.dll
%ProgramFiles%\AntiMalwareSuite\AutoProcess.dat
%ProgramFiles%\AntiMalwareSuite\dbupdate.dat
%ProgramFiles%\AntiMalwareSuite\InstUp.exe
%ProgramFiles%\AntiMalwareSuite\lapv.dat
%ProgramFiles%\AntiMalwareSuite\license.rtf
%ProgramFiles%\AntiMalwareSuite\manual.pdf
%ProgramFiles%\AntiMalwareSuite\mfc71.dll
%ProgramFiles%\AntiMalwareSuite\msvcp71.dll
%ProgramFiles%\AntiMalwareSuite\msvcr71.dll
%ProgramFiles%\AntiMalwareSuite\PaymentPage.exe
%ProgramFiles%\AntiMalwareSuite\ps.dat
%ProgramFiles%\AntiMalwareSuite\pv.dat
%ProgramFiles%\AntiMalwareSuite\readme.rtf
%ProgramFiles%\AntiMalwareSuite\scanlog.xml
%ProgramFiles%\AntiMalwareSuite\settings.ini
%ProgramFiles%\AntiMalwareSuite\shellext.dll
%ProgramFiles%\AntiMalwareSuite\shellext.xml
%ProgramFiles%\AntiMalwareSuite\Summary.dat
%ProgramFiles%\AntiMalwareSuite\tasks.dat
%ProgramFiles%\AntiMalwareSuite\threatnet.dat
%ProgramFiles%\AntiMalwareSuite\threatnet.ini
%ProgramFiles%\AntiMalwareSuite\unins000.dat
%ProgramFiles%\AntiMalwareSuite\unins000.exe
%ProgramFiles%\AntiMalwareSuite\uninstall.ico
%ProgramFiles%\AntiMalwareSuite\up.dat
%ProgramFiles%\AntiMalwareSuite\updateapp.dat
%ProgramFiles%\AntiMalwareSuite\updatedb.dat
%ProgramFiles%\AntiMalwareSuite\UserAgent.dll
%ProgramFiles%\AntiMalwareSuite\database
%ProgramFiles%\AntiMalwareSuite\database\knownfiles.dat
%ProgramFiles%\AntiMalwareSuite\database\MalwareDB.dat
%ProgramFiles%\AntiMalwareSuite\database\TEBase.dat
%ProgramFiles%\AntiMalwareSuite\database\vbpv.dat
%ProgramFiles%\AntiMalwareSuite\Download
%ProgramFiles%\AntiMalwareSuite\quaratine.dat\#post_quarantine
%ProgramFiles%\AntiMalwareSuite\RTMonitor.dat
c:\WINDOWS\system32\bootrem.exe
%AllUsers%\Start Menu\Programs\AntiMalwareSuite
%AllUsers%\Start Menu\Programs\AntiMalwareSuite\AntiMalwareSuite.lnk
%AllUsers%\Start Menu\Programs\AntiMalwareSuite\AntiMalwareSuite Online Manual.url
%AllUsers%\Start Menu\Programs\AntiMalwareSuite\AntiMalwareSuite on the Web.url
%AllUsers%\Start Menu\Programs\AntiMalwareSuite\Contact Us.url
%AllUsers%\Start Menu\Programs\AntiMalwareSuite\Uninstall AntiMalwareSuite.lnk
%User%\Desktop\AntiMalwareSuite.lnk
%UserProfile%\Local Settings\Application Data\qip
%UserProfile%\Local Settings\Application Data\qip\AMS_FreeSetup.exe.ini
%UserProfile%\Local Settings\Application Data\qip\data.ini
%UserProfile%\Local Settings\Application Data\qip\iercpt.dll
%UserProfile%\Local Settings\Application Data\qip\QuickInstallPack.exe
%UserProfile%\Local Settings\Application Data\UAMS_QIP
%UserProfile%\Local Settings\Application Data\UAMS_QIP\data.ini
%UserProfile%\Local Settings\Temp\AMS_FreeSetup.exe
%UserProfile%\Start Menu\Programs\QuickInstallPack
%UserProfile%\Start Menu\Programs\QuickInstallPack\QuickInstallPack on the Web.url
%UserProfile%\Start Menu\Programs\QuickInstallPack\QuickInstallPack.lnk
%UserProfile%\Start Menu\Programs\QuickInstallPack\Uninstall QuickInstallPack.lnk

The program creates the following registry entries:

1
2
3
4
5
6
7
8
9
10
11
HKCU\Software\AntiMalwareSuite
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\AntiMalwareSuite
HKCU\Software\Microsoft\Windows\CurrentVersion\Run\QuickInstallPack
HKCR\amshellext.ShellHook
HKCR\amshellext.ShellHook.1
HKCR\iercpt.iercptbho
HKCR\iercpt.iercptbho.1
HKCR\washellext.WASContextMenu
HKCR\washellext.WASContextMenu.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AMS_is1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\QuickInstallPack

How to remove AntiMalwareSuite (manual removal) ?

  • Kill the running process bootrem.exe
  • Kill the running process AMS.exe
  • Kill the running process InstUp.exe
  • Kill the running process PaymentPage.exe
  • Kill the running process QuickInstallPack.exe
  • Unregister all the AntiMalwareSuite DLLs
  • Delete all the AntiMalwareSuite files
  • Delete all the AntiMalwareSuite registry entries

How to remove AntiMalwareSuite (automatic removal) ?

Random Posts

Previous Posts