How to remove W32.Ackantta.B@mm worm

Malware Description:
According to computer security data provided by reputable IT labs, W32.Ackantta.B@mm is a “mass-mailing” worm which specializes in collecting user-identifying data (e-mail addresses mostly). W32.Ackantta.B@mm spreads by replicating itself to removable media and shared computer folders. Well, that’s the encyclopaedic information, and it’s absolutely correct. However, there have recently been occasions when W32.Ackantta.B@mm worm (along with Trojan.Win32.Agent.Azsy and W32.Pavsee.C) was a figurant of the distribution campaign deployed by one of today’s most devastating rogue anti-spywares called Personal Antivirus. Please, take a close look at the snapshot below – it’s a misleading popup alert generated by Personal Antivirus unregistered version for self-promotion purposes. Having received an excessive portion of such fake ads, the user is expected to start believing his/her computer is being actually attacked by W32.Ackantta.B@mm worm. And that’s precisely what Personal Antivirus wants you to think since, in that case, it will have a good reason to offer you registering its licensed version and, of course, paying for it. It’s not reasonable to trust Personal Antivirus ads, otherwise you will put your system at risk by your own initiative. Please, follow the step-by-step security guide below to uninstall the malicious apps triggering the “W32.Ackantta.B@mm – Worm Found!” alerts.

Malware Type: Worms

Malware Author: Innovagest2000 SL

Threat Level: Critical

Advice: Immediately remove and scan for additional malware

W32.Ackantta.B@mm Free Scanner and Remover: Download Now

W32.Ackantta.B@mm Related Ad Screenshot:

W32.Ackantta.B@mm

How to remove W32.Ackantta.B@mm worm manually:
Manual removal of W32.Ackantta.B@mm is feasible if you have sufficient expertise in working with program files, system processes, .dll files and registry entries.

The files to be deleted are listed below:

  • %Documents and Settings%\All Users\Desktop\Personal Antivirus.lnk
  • %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus
  • %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus Home Page.lnk
  • %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Personal Antivirus.lnk
  • %Documents and Settings%\All Users\Start Menu\Programs\Personal Antivirus\Purchase License.lnk
  • %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Personal Antivirus.lnk
  • %UserProfile%\Application Data\Personal Antivirus
  • %UserProfile%\Application Data\Personal Antivirus\settings.ini
  • %UserProfile%\Application Data\Personal Antivirus\uill.ini
  • %UserProfile%\Application Data\Personal Antivirus\unins000.exe
  • %UserProfile%\Application Data\Personal Antivirus\Uninstall Personal Antivirus.lnk
  • %UserProfile%\Application Data\Personal Antivirus\db
  • %UserProfile%\Application Data\Personal Antivirus\db\config.cfg
  • %UserProfile%\Application Data\Personal Antivirus\db\Timeout.inf
  • %UserProfile%\Application Data\Personal Antivirus\db\Urls.inf
  • %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
  • %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
  • %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe
  • %Program Files%\Personal Antivirus
  • %Program Files%\Personal Antivirus\activate.ico
  • %Program Files%\Personal Antivirus\Explorer.ico
  • %Program Files%\Personal Antivirus\PerAvir.exe
  • %Program Files%\Personal Antivirus\unins000.dat
  • %Program Files%\Personal Antivirus\uninstall.ico
  • %Program Files%\Personal Antivirus\working.log
  • %Program Files%\Personal Antivirus\db
  • %Program Files%\Personal Antivirus\db\DBInfo.ver
  • %Program Files%\Personal Antivirus\db\ia080614.db
  • %Program Files%\Personal Antivirus\db\ia080618x.db
  • %Program Files%\Personal Antivirus\Languages
  • %Program Files%\Personal Antivirus\Languages\IAEs.lng
  • %Program Files%\Personal Antivirus\Languages\IAFr.lng
  • %Program Files%\Personal Antivirus\Languages\IAGer.lng
  • %Program Files%\Personal Antivirus\Languages\IAIt.lng
  • %WINDOWS%\system32\log.txt
  • %UserProfile%\Application Data\Microsoft\Windows\winlogon.exe
  • %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iGSh.png
  • %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iMSh.png
  • %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iPSh.png
  • %UserProfile%\Local Settings\Application Data\Microsoft\Internet Explorer\iv.exe
  • %UserProfile%\Local Settings\Application Data\Microsoft\Windows\log.txt
  • %UserProfile%\Local Settings\Application Data\Microsoft\Windows\pguard.ini
  • %UserProfile%\Local Settings\Application Data\Microsoft\Windows\services.exe

The related registry entries to be removed are as follows:

  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Personal Antivirus_is1
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ITGRDENGINE
  • HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\ITGrdEngine
  • HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer “PrS”
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Personal Antivirus”

Please, be informed that manual removal of W32.Ackantta.B@mm worm is a cumbersome procedure and does not always ensure complete deletion of the malware, since some files might be hidden or may automatically reanimate themselves afterwards. Moreover, manual interference of this kind may cause damage to the system. That’s why we strongly recommend automatic removal of W32.Ackantta.B@mm which will save your time and enable avoiding any system malfunctions and guarantee the needed result.

Download W32.Ackantta.B@mm Worm Automatic Remover

Like This Article? Let Others Know!

Post a Comment: