Home / Spyware Help / StressPaint Removal Guide

StressPaint Removal Guide

by 0 Comments

Do you know what StressPaint is?

StressPaint is a nasty Trojan infection users usually install with the application called Relieve Stress Paint. The program itself works fine – it allows users to make drawings in order to relieve stress, but, as you can see, it is far from being perfect. Our researchers have tested both the application and the Trojan installed next to it, and they can now say with confidence that the drawing application is of poor quality even though it allows users to make drawings. Without a doubt, the StressPaint Trojan concerns us the most since it has already affected more than 35 000 users in Vietnam, Russia, Pakistan, Indonesia, Ukraine, and other countries. If you live on the other side of the world, it does not mean that you cannot encounter this infection, so never keep your system unprotected. If you can already locate Relieve Stress Paint installed on your system, the chances are high that you have a Trojan active on your computer too. Check your system and, if it turns out to be true that the Trojan infection is installed on your computer, take action to disable it right away because, as you will see for yourself, it is quite dangerous malware.

Our team of experienced researchers has thoroughly analyzed StressPaint to find out how this infection acts, and it has turned out that this infection has been developed to steal information from Google Chrome so that cyber criminals could receive users’ login data. At the time of analysis, the malicious application was set to steal Facebook credentials only, but there is a huge possibility that it will be updated in the near future. In other words, it is very likely that it could steal login credentials of Amazon and other popular websites too. Facebook login data is not the only type of information StressPaint was interested in at the time of analysis. It could also receive additional information, for example, the total number of victim’s friends and pages/groups administered. As can be seen, this malicious application might cause privacy-related problems. Have you already encountered StressPaint? If so, it would be best that you change your password on Facebook after its complete removal.StressPaint Removal GuideStressPaint screenshot
Scroll down for full removal instructions

We have found the distribution of StressPaint quite interesting too. It has turned out that it is distributed via the website aoi.net. It looks like AOL, but it uses Unicode characters. Users, of course, do not know that they download the Trojan infection. They expect that they will get a useful program for stress management only. Specialists say that other methods might be used to spread this malicious application too, so you must be cautious all the time. Users get a working drawing tool, but they do not know that the Trojan infection is installed in %TEMP%. Speaking specifically, DX.exe and updata.dll are two files you should search for in this directory. You should also find an Updata entry in the Run registry key (HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run). You cannot leave it active because the Trojan infection could continue gathering login data even after the system restart. Trojans usually slither onto users’ computers illegally, and since users are not informed about their installation, they manage to stay undetected for a long time. Do not let a new harmful malicious application to enter your system – enable reliable security software on your computer today.

Even though Relieve Stress Paint is, technically, not malicious itself, the Trojan is installed next to it, which shows that there is nothing trustworthy about it. Trojans might cause a bunch of problems, especially if they are used to collect personal information, so the StressPaint Trojan removal is a must. It would be best to take action immediately after you read this article because the longer this infection stays active, the more valuable information it can steal. Use below-provided instructions to remove it from your system, or download a reputable security tool from the web and scan your system with it.

How to remove StressPaint

  1. Tap Ctrl+Shift+Esc.
  2. Open Processes.
  3. Locate the malicious process and kill it.
  4. Open Windows Explorer.
  5. Go to %TEMP%.
  6. Delete DX.exe and updata.dll (these files might have another name).
  7. Close Windows Explorer and press Win+R.
  8. Type regedit in the box and click OK.
  9. Move to HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run.
  10. Locate the Updata Value (the Value name might be different).
  11. Right-click on it and select Delete.
  12. Empty Recycle bin.
  13. Scan your system with an antimalware scanner.

In non-techie terms:

StressPaint is a Trojan infection that you might install on your computer together with the drawing program. It has been designed to steal information from Google Chrome browsers and then extract users’ logins from it. In other words, this malicious application might cause a lot of trouble to you, so if it has turned out that you have it installed on your computer, make sure you remove it as soon as possible.