Severity scale  
  (72/100)

MaCatte Antivirus 2009. How to Remove? (Uninstall Guide)

removal by - -   Also known as MaCatte Antivirus, MaCatte | Type: Rogue Antispyware
12
MaCatte Antivirus 2009 is a misleading anti-virus application that attempts to impersonate well known and trusted McAfee security software. The rogue application gives false reports of system security threats or infections and displays fake alerts to trick you into purchasing a full version of the program to remove non-existing infections. This is a scam. Do not purchase this bogus application and uninstall MaCatte Antivirus 2009 from your computer upon detection. The graphical user interface of this malware is shown below.

MaCatte Antivirus 2009 graphical user interface
[Figure 1 - MaCatte Antivirus 2009 graphical user interface]

MaCatte Antivirus is promoted through the use of Trojans that comes from fake My Computer online scanners [Figure 2]. Fake online scanners display notifications and alerts stating that your computer is baldy infected with malware, mainly Trojans. One of such fake scanners is http://proscan5.info. Other distribution channels are peer-to-peer networks, newsgroup postings, social networking websites and etc.

MaCatte fake online scanner template
[Figure 2 - MaCatte Antivirus 2009 fake online scanner template]

Once installed, MaCatte Antivirus 2009 will be automatically configured to start system scan each time you log on into Windows. The scan results are of course false. You may safely ignore them. Then the rogue application will prompt you to pay for a full version of the program to remove the threats. To make things worse, MaCatte will display fake security alerts and notifications like every on or two minutes [Figure 3]. It will also impersonate Windows Security Center and state that your computer is unprotected and that you should purchase MaCatte Antivirus 2009 to ensure full system protection. As you may know, the legitimate Windows Security Center does not promote any antivirus software.

MaCatte Antivirus 2009 fake security alerts
[Figure 3 - MaCatte Antivirus 2009 fake security alerts]


Spyware activity alert!
Spyware.IEMonster activity detected. It is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other other programs, including logins and passwords from online baking sessions, eBay, PayPal.

What is more, MaCatte Antivirus 2009 will block currently installed or downloaded anti-virus software. It will hijack your web browser and redirect you to various misleading websites including the rogue program homepage www.macatte.com. If you find that your computer is infected with this malware, please use the removal guide below to remove MaCatte Antivirus from the system manually for free. If you have already purchased it, you should contact your credit card company and dispute the charges. Related files: mstdll.exe, msc.exe

MaCatte Antivirus 2009 properties:
• Changes browser settings
• Shows commercial adverts
• Stays resident in background

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Download
Reimage - remover Happiness
Guarantee
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall MaCatte Antivirus 2009. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall MaCatte Antivirus 2009. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
STOPzilla
Tested and Confirmed! STOPzilla removes MaCatte Antivirus 2009 (2009-11-05 01:38:15)
Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes MaCatte Antivirus 2009 (2009-11-05 01:38:15)
Plumbytes
We are testing Plumbytes's efficiency (2009-11-06 05:40)
Hitman Pro
STOPzilla
Tested and Confirmed! STOPzilla removes MaCatte Antivirus 2009 (2009-11-05 01:38:15)
Malwarebytes Anti Malware
Tested and Confirmed! Malwarebytes Anti Malware removes MaCatte Antivirus 2009 (2009-11-05 01:38:15)
Webroot SecureAnywhere AntiVirus

MaCatte Antivirus 2009 manual removal

Kill processes:
msc.exe
mstdl.exe
mcull.exe
mac.exe
Delete registry values:
HKEY_CURRENT_USER\Software\msca
HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{459b6bf8-5320-4c41-8833-85baedf31086}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A73890FC-177F-4198-AE3D-C64F7D9E69D8}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkNeighborhood\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce "msca"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "wsc"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "msc"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\msca
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPost "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect "0"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonBadCertRecving "0"
Unregister DLLs:
WPtect.dll

Delete files:
mac.exe
mcsa.exe
mstdll.exe
msc.exe
mcull.exe
msca.ico
Viruses.dat
msca.ico
Viruses.dat
WPtect.dll
msca.lnk
Delete directories:
C:\Program Files\msca\
C:\Users\All Users\Application Data\mcsa
C:\Documents and Settings\All Users\Application Data\msca
C:\Documents and Settings\All Users\Start Menu\Programs\msca
C:\Documents and Settings\%User name%\Local Settings\Temp (delete only mac.exe file in this folder)
C:\Users\%User name%\AppData\Local\Temp\[RANDOM CHARACTERS.tmp]\

Information updated:

Comments on MaCatte Antivirus 2009

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name



«

(All fields are required)