|
Title: MaCatte Antivirus 2009
Type: Rogue Antispyware
Remove MaCatte Antivirus 2009. Removal instructions
Also known as: MaCatte Antivirus, MaCatte
Severity scale:
 (72 / 100)
 [Figure 1 - MaCatte Antivirus 2009 graphical user interface] MaCatte Antivirus is promoted through the use of Trojans that comes from fake My Computer online scanners [Figure 2]. Fake online scanners display notifications and alerts stating that your computer is baldy infected with malware, mainly Trojans. One of such fake scanners is http://proscan5.info. Other distribution channels are peer-to-peer networks, newsgroup postings, social networking websites and etc.  [Figure 2 - MaCatte Antivirus 2009 fake online scanner template] Once installed, MaCatte Antivirus 2009 will be automatically configured to start system scan each time you log on into Windows. The scan results are of course false. You may safely ignore them. Then the rogue application will prompt you to pay for a full version of the program to remove the threats. To make things worse, MaCatte will display fake security alerts and notifications like every on or two minutes [Figure 3]. It will also impersonate Windows Security Center and state that your computer is unprotected and that you should purchase MaCatte Antivirus 2009 to ensure full system protection. As you may know, the legitimate Windows Security Center does not promote any antivirus software.  [Figure 3 - MaCatte Antivirus 2009 fake security alerts] Spyware activity alert! Spyware.IEMonster activity detected. It is spyware that attempts to steal passwords from Internet Explorer, Mozilla Firefox, Outlook and other other programs, including logins and passwords from online baking sessions, eBay, PayPal. What is more, MaCatte Antivirus 2009 will block currently installed or downloaded anti-virus software. It will hijack your web browser and redirect you to various misleading websites including the rogue program homepage www.macatte.com. If you find that your computer is infected with this malware, please use the removal guide below to remove MaCatte Antivirus from the system manually for free. If you have already purchased it, you should contact your credit card company and dispute the charges. Related files: mstdll.exe, mcsa.exe, mcsa (in Windows Vista), mcsa, mac.exe, msca.lnk, WPtect.dll, mcull.exe, viruses.dat, mstdl.exe, msca.ico, msc.exe MaCatte Antivirus 2009 properties: • Changes browser settings • Shows commercial adverts • Stays resident in background Automatic MaCatte Antivirus 2009 removal: 
Tested and Confirmed! STOPzilla removes MaCatte Antivirus 2009 (2009-11-05 01:38:15)
Tested and Confirmed! Malwarebytes Anti Malware removes MaCatte Antivirus 2009 (2009-11-05 01:38:15)
We are testing Spyware Doctor's efficiency at removing MaCatte Antivirus 2009
(2009-11-06 08:17:56)
MaCatte Antivirus 2009 manual removal:Kill processes:msc.exe mstdl.exe mcull.exe mac.exe Delete registry values: HKEY_CURRENT_USER\Software\msca HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{459b6bf8-5320-4c41-8833-85baedf31086} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A73890FC-177F-4198-AE3D-C64F7D9E69D8} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ControlPanel\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Desktop\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MyComputer\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\NetworkNeighborhood\NameSpace\{459b6bf8-5320-4c41-8833-85baedf31086} HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce "msca" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "wsc" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "msc" HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\msca HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPost "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnPostRedirect "0" HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnonBadCertRecving "0" Unregister DLLs: WPtect.dll Delete files: mac.exe mcsa.exe mstdll.exe msc.exe mcull.exe msca.ico Viruses.dat msca.ico Viruses.dat WPtect.dll msca.lnk Delete directories: C:\Program Files\msca\ C:\Users\All Users\Application Data\mcsa C:\Documents and Settings\All Users\Application Data\msca C:\Documents and Settings\All Users\Start Menu\Programs\msca C:\Documents and Settings\%User name%\Local Settings\Temp (delete only mac.exe file in this folder) C:\Users\%User name%\AppData\Local\Temp\[RANDOM CHARACTERS.tmp]\ 
Information added: 2009-11-05 01:38:15
Information updated: 2009-11-06 05:40:41 Additional resources related to MaCatte Antivirus 2009:Attention: If you know or you have a website or page about MaCatte Antivirus 2009 removal, feel free to add a link to this list: add url |
Latest spyware news:
Subscribe to news
Similar parasites:
|
FORUM:
HELP:
Spreading the knowledge:
It is very hard to fight Computer parasites alone in internet space. If you have a website we would be more than happy if you would help us to spread the knowledge about latest threats. You can help your
visitors to manage their Computer system manually without aditional expences. Knowledge is the power, we just need to spread it.
Post Comment: