Title: AntiLamer Light

Remove AntiLamer Light. Removal instructions

Severity scale:

(60 / 100)

This RAT program is just one of a big RAT virus family, created by OverG. Like itâ€™s "brother" AntiLamer Backdoor, it is supposed to steal valuable info from users. But it is much easier to use and has much less functions. The main purpose of this software is stealing passwords. To do so, the program tries to capture passwords as they are transmitted. The origination date is May 2002. The programming language is Delphi. Several versions appeared since May 2002 to April 2003.

AntiLamer Light properties:
• Allows remote user connection
• Logs keystrokes
• Hides from the user
• Stays resident in background

Automatic AntiLamer Light removal:

remover for AntiLamer Light

SpyHunter is recommended remover to uninstall AntiLamer Light. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manul removal instructions below.

If you failed to remove AntiLamer Light using SpyHunter please report this to us.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.

STOPzilla

download | review

We are testing STOPzilla's efficiency at removing AntiLamer Light (2005-03-11 06:32:41)

Malwarebytes Anti Malware

download | review

We are testing Malwarebytes Anti Malware's efficiency at removing AntiLamer Light (2005-03-11 06:32:41)

Spyware Doctor

download | review | tutorial

We are testing Spyware Doctor's efficiency at removing AntiLamer Light (2005-03-11 06:32:41)

XoftSpySE Anti Spyware

download | review

AntiLamer Light manual removal:

FORUM:
Discuss AntiLamer Light in
spyware removal forum

Kill processes:
config.exe, editsrv.exe, [program files]\\websx\\int327777.exe, [program files]\\websx\\int339890.exe, runw.exe, server.exe, [system root]\\runwin32.exe, [system root]\\system\\runwin.exe, [system root]\\system\\runwindows32.exe, trojan1.exe, trojan2.exe

HELP:
how to kill malicious processes

Delete registry values:
HKEY_LOCAL_MACHINE\software\antilamer backdoor\color1 HKEY_LOCAL_MACHINE\software\anti-lamer backdoor\color1 HKEY_LOCAL_MACHINE\software\antilamer backdoor\color2 HKEY_LOCAL_MACHINE\software\anti-lamer backdoor\color2 HKEY_LOCAL_MACHINE\software\antilamer backdoor\color3 HKEY_LOCAL_MACHINE\software\anti-lamer backdoor\color3 HKEY_LOCAL_MACHINE\software\antilamer backdoor\downloadfolder HKEY_LOCAL_MACHINE\software\anti-lamer backdoor\downloadfolder HKEY_LOCAL_MACHINE\software\antilamer backdoor\ip HKEY_LOCAL_MACHINE\software\anti-lamer backdoor\ip HKEY_LOCAL_MACHINE\software\antilamer backdoor\lang HKEY_LOCAL_MACHINE\software\antilamer backdoor\loggerport HKEY_LOCAL_MACHINE\software\anti-lamer backdoor\loggerport HKEY_LOCAL_MACHINE\software\antilamer backdoor\nick HKEY_LOCAL_MACHINE\software\anti-lamer backdoor\nick HKEY_LOCAL_MACHINE\software\antilamer backdoor\port HKEY_LOCAL_MACHINE\software\anti-lamer backdoor\port HKEY_LOCAL_MACHINE\software\classes\acontixcontrol HKEY_LOCAL_MACHINE\software\classes\clsid\{7589eee6-e336-11d4-8a7e-ee1d971d9b47} HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{7589eee6-e336-11d4-8a7e-ee1d971d9b47} HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{7589eee6-e336-11d4-8a7e-ee1d971d9b47}\installer HKEY_LOCAL_MACHINE\software\microsoft\code store database\distribution units\{7589eee6-e336-11d4-8a7e-ee1d971d9b47}\systemcomponent HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\keyconfig\af HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\keyconfig\av HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\keyconfig\con HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\keyconfig\con1 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\keyconfig\con2 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\keyconfig\myp HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\keyconfig\number HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\keyconfig\numberon HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\keyconfig\ps HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/acontix.ocx\.owner HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\moduleusage\c:/windows/downloaded program files/acontix.ocx\{7589eee6-e336-11d4-8a7e-ee1d971d9b47} HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\runwin32 HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\run\runwindows HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\5-1-14-24\displayicon HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\5-1-14-24\displayname HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\uninstall\5-1-14-24\uninstallstring

HELP:
how to remove registry entries

Unregister DLLs:
edit.dll

HELP:
how to unregister malicious DLLs

Delete files:
_iu14d2n.tmp-065eaffd.pf, 6.26.2004.10.53.33....0.reg, 6.26.2004.10.53.34....1.dat 6.26.2004.10.53.34....1.reg aconti.exe-105d3294.pf alb.exe-01f9e69e.pf alb.exe-0e801625.pf alb.exe-0fe358f0.pf alb.exe-328f3713.pf antilamer light.txt backdoor.antilam.13.a.exe-3ab6a254.pf backdoor.antilam.20.j.exe-25e4239f.pf collecteddata_127.xml collecteddata_196.xml collecteddata_200.xml collecteddata_202.xml collecteddata_210.xml collecteddata_218.xml config.exe config.exe-0b915f83.pf config.exe-28993197.pf [desktop]\\5-1-14-24.lnk drwtsn32.exe-2b4b52ac.pf edit.dll editsrv.exe editsrv.exe-020c4fa9.pf edtsrv.exe-34c94755.pf edtsrv.exe-3861317c.pf edtsrv.exe-39d44f73.pf edtsrv.exe-3af77064.pf english.reg int327777.exe-22f4e5c7.pf int327777.exe-317926e6.pf int327777.sdb joiner.exe-37b4e594.pf new_alb.exe-080f644e.pf [profile path]\\administrator\\start menu\\5-1-14-24.lnk [profile path]\\administrator\\start menu\\programs\\5-1-14-24.lnk [program files]\\websx\\int327777.exe [program files]\\websx\\int339890.exe [program files]\\websx\\websx.ini readme.htm readme.txt runw.exe runw.exe-0acf03f1.pf server.exe server.exe-04168f44.pf server.exe-19885956.pf server.exe-1e8ebe0c.pf server.exe-1ea17666.pf server.exe-1fb68265.pf server.exe-1ff20139.pf smt.exe-245bb5ee.pf [system root]\\runwin32.exe [system root]\\system\\runwin.exe [system root]\\system\\runwindows32.exe trojan.exe-0c7fe615.pf trojan.psw.allight.10.b trojan1.exe trojan1.exe-007581cd.pf trojan1.exe-0d8b60b3.pf trojan2.exe trojan2.exe-12ee91de.pf trojan2.exe-2c402d8d.pf unins000.exe-1da47506.pf websx.dlg

HELP:
how to remove harmful files

Delete directories:
[program files]\websx

Information added: 2005-03-05 06:13:14
Information updated: 2005-03-11 03:55:26

Additional resources related to AntiLamer Light:

Attention: If you know or you have a website or page about AntiLamer Light removal, feel free to add a link to this list: add url

more resources

Post Comment:

Attention: Use this form only if you have additional information about AntiLamer Light parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Latest spyware news:

Subscribe to news

Similar parasites:

Compare spyware removers
Compare free products

HijackThis Log Analyzer Beta 2

Spreading the knowledge:

It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.