Removing Rogue 'Security'

jamor

PC MightyMax 2009 was included with the purchase of my new HP a6827c with Windows Vista. After trying out MightyMax I decided I didn’t want it due to its obscene costs. I obtained the instructions for removal—go to the Start menu, go to the PC MightyMax folder, and hit the uninstall button, but the software does not fully uninstall. Help!

—Shannon Swank

Doctor, I managed to get two computers infected with AntiVirus2009, simply by following a link to a video review online. Both machines run Windows XP Professional SP3. One is a Dell Vostro laptop, the other is a desktop I built about three years ago.

I’ve run Malwarebytes’ Anti-Malware, which removed a bunch of copies, Rogue Remover, SuperAntiSpyware, ThreatFire, and ZoneAlarm Internet Security, but every so often a new browser window will suddenly open and try to access AntiVirus2009.com. I’ve looked at every website on the Internet (well, almost) and nothing I’ve tried will get rid of it on either computer. The only way I’ve been able to keep using the computers is to manually block antivirus200*.* in ZoneAlarm. Every time I check the log, there’s entry after entry where it tried to send an ICMP ping to that website or tried to open Firefox to access it. I’m at the end of my rope. I don’t know what else to do and I’m sure that there are other people out there having much the same problem as I am. Is my only hope to re-install Windows?

—Steve Rugg

Ah, our least favorite kind of malware: the kind that masquerades as useful software. Here we have two of the most insidious and widely spread flavors. PC MightyMax is a fake antivirus app that throws up false positives in an attempt to get you to pay for it. The Internet is full of people trying to remove PC MightyMax, and the general consensus is that Malwarebytes’ Anti-Malware (www.malwarebytes.org) will remove the program. If not, you’ll have to remove it manually. Start the Task Manager and end the following processes: pcmm.exe, ExeAfter.exe, PCMightyMaxSetup[1].exe, and any other processes with PC MightyMax in the title or location. Then run msconfig and prevent them from running at startup. Reboot and delete the folder. Run CCleaner (www.ccleaner.com) to remove registry crud.

Antivirus 2009 is another faux-security malware program, but it’s even more insidious. Since you’ve already tried Malwarebytes’ Anti-Malware, which effectively removes most malware (including, for most people, Antivirus 2009), but your problems persist, you’ll want to check out our full malware-removal how-to for detailed instructions on purging your machine of baddies. If your problems persist even after a thorough scrub-down, however, you may have to reinstall Windows. It sucks, we know, but not as much as a security-compromised PC.
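The manual PC MightyMax steps above begin with finding what is still running and what is set to launch at startup. This read-only Windows PowerShell audit is an added example, not part of the original column, that lists both. The process names come from the column; the `MightyMax` match pattern, the function names, and the choice of startup locations are assumptions of this example.

```powershell
# Added example: read-only audit, changes nothing on the machine.
# Process names are the ones the column lists; the pattern and the
# startup locations checked are assumptions of this example.
$names   = 'pcmm.exe', 'ExeAfter.exe', 'PCMightyMaxSetup[1].exe'
$pattern = 'MightyMax'

function Test-Suspect([string]$Text) {
    if ($Text -match $pattern) { return $true }
    foreach ($n in $names) {
        # Literal, case-insensitive search so "[1]" is not treated as a wildcard
        if ($Text.IndexOf($n, [StringComparison]::OrdinalIgnoreCase) -ge 0) { return $true }
    }
    return $false
}

function New-Finding($Kind, $Name, $Detail) {
    New-Object PSObject -Property @{ Kind = $Kind; Name = $Name; Detail = $Detail }
}

function Find-MightyMaxRemnants {
    # 1. Running processes (what you would end in Task Manager)
    Get-WmiObject Win32_Process |
        Where-Object { Test-Suspect "$($_.Name) $($_.ExecutablePath)" } |
        ForEach-Object { New-Finding 'Process' $_.Name "PID $($_.ProcessId) $($_.ExecutablePath)" }

    # 2. Registry Run keys (entries that also appear on msconfig's Startup tab)
    $runKeys = 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
               'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run'
    foreach ($key in $runKeys) {
        if (-not (Test-Path $key)) { continue }
        $item = Get-Item $key
        foreach ($valueName in $item.GetValueNames()) {
            $command = [string]$item.GetValue($valueName)
            if (Test-Suspect "$valueName $command") {
                New-Finding 'RunKey' $valueName "$key -> $command"
            }
        }
    }

    # 3. The current user's Startup folder (shortcuts are matched by file name only)
    $startup = [Environment]::GetFolderPath('Startup')
    if ($startup -and (Test-Path $startup)) {
        Get-ChildItem $startup | Where-Object { Test-Suspect $_.Name } |
            ForEach-Object { New-Finding 'StartupFolder' $_.Name $_.FullName }
    }
}

Find-MightyMaxRemnants | Format-Table Kind, Name, Detail -AutoSize
```

An empty result only means nothing matched these names in these places; it does not show that the machine is clean.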

SUBMIT YOUR QUESTION: Are flames shooting out of the back of your rig? First, grab a fire extinguisher and douse the flames. Once the pyrotechnic display has fizzled, email the doctor at doctor@maximumpc.com for advice on how to solve your technological woes.
