How to Remove AntiTroy | AntiTroy Removal Guide



AntiTroy is a rogue antivirus application that is usually installed through trojans that are masquerading as a video codec update or flash player update. It usually installs without the computer users permission and will complain about many security issues with your pc. It will claim that there are virus infected files that should be removed and of course, it couldn’t possibly fix the problems until you pay for their software. This is essentially a scam to separate you from your money and you should read on for how to remove antitroy.


First you may wish to visit the control panel and use the add/remove programs dialog to see if you can uninstall antitroy. If that works, GREAT! Now, download a tool such as malwarebytes antimalware or superantispyware and do an update and scan with one of those as well as a follow up scan with AVG/Avira or another trusted antivirus application such as housecall from trendmicro or McAfee or Norton.

You can download malwarebytes antimalware from my virus removal toolkit page. While you’re there you may also wish to download process explorer as you may need it further in the removal process.

If you are unable to install malwarebytes antimalware you may try the following tricks to help get it installed. 1) rename the installer from mbam-setup.exe to something like firefox.exe and retry the install, update and scan. 2) reboot into safe mode (with networking) and retry the install/update and scan. 3) Go to the next step which will be killing off the running processes associated with AntiTroy and then retry your install of malwarebytes (without rebooting.)

The following processes should be killed off using the task manager. If the task manager does not launch you may try the following: 1) copy the executable file for the task manager (taskmgr.exe) and paste it to the desktop. Once there rename it to something like iexplore.exe and launch this renamed program to kill off the processes. 2) reboot into safe mode and see if the processes are running. 3) Use process explorer instead to kill off the following programs:

AntiTroy.exe
RANDOM.exe

The above files have a randomization component to them – it may be mostly numbers – use the file locations you see listed below as well as the information you find on your system to determine which processes to terminate.

The following files and folders should be deleted for a full manual removal of antitroy:

%docs%\All Users\Desktop\AntiTroy.lnk
%docs%\All Users\Start Menu\Programs\AntiTroy
%docs%\All Users\Start Menu\Programs\AntiTroy\1 AntiTroy.lnk
%docs%\All Users\Start Menu\Programs\AntiTroy\2 Homepage.lnk
%docs%\All Users\Start Menu\Programs\AntiTroy\3 Uninstall.lnk
%progfiles%\AntiTroy Software
%progfiles%\AntiTroy Software\AntiTroy
%progfiles%\AntiTroy Software\AntiTroy\AntiTroy.exe
%progfiles%\AntiTroy Software\AntiTroy\main_config.xml
%progfiles%\AntiTroy Software\AntiTroy\uninstall.exe
%win%\1009stea525z1.dll
%win%\1018zhr5at19497.ocx
%win%\101z5hie92236.ocx
%win%\system32\1853worz2f19.bin
%win%\system32\18f0addwaze5917.ocx
%win%\system32\194z45py6b9.ocx
%win%\system32\RANDOM.exe

After this you should have completed your removal of antitroy. Follow up with a full scan of your system with superantispyware or malwarebytes antimalware. Then follow THAT up with a scan with a trusted antivirus product….. f-prot – antivir/avg/mcafee/norton/trendmicro/etc.

   Send article as PDF   

Similar Posts