Windows Anticrashes Utility
Windows Anticrashes Utility Image
Windows Anticrashes Utility is one of dozens of possible rogue anti-spyware programs from the "Fake Microsoft Security Essentials Alert" family. All of these rogue anti-spyware programs share identical interfaces and follow the same process for infecting a computer system. They also tend to have hilariously misspelled names, due to their possible Russian origin. In short, Windows Anticrashes Utility is a program designed to act like a legitimate anti-spyware application so that Windows Anticrashes Utility can steal a computer user's money.
Table of Contents
How Does the Windows Anticrashes Utility Scam Work?
The Windows Anticrashes Utility scam has several steps. All of the clones of Windows Anticrashes Utility follow a similar pattern for stealing a computer user's credit card information.
- The computer user will first have inadvertently downloaded a Trojan engineered to deliver Windows Anticrashes Utility. This kind of Trojan is a common occurrence in file sharing networks. Other common ways of being infected by this Trojan are from infected websites, fake video codecs and fake Flash updates.
- The Trojan will cause the user's computer to display a fake Microsoft Security Essentials Alert. This alert will usually say that the program has detected a Trojan somewhere on the system. It will recommend that the user download Windows Anticrashes Utility to remove the Trojan. Inexperienced computer users may mistake this Microsoft Security Essentials alert for the real thing. Clicking on "Ok" will download and install Windows Anticrashes Utility on the user's computer. Then he/her will be prompted to restart the machine.
- During Windows Anticrashes Utility's installation, Windows Anticrashes Utility will alter the Windows Registry. This will allow Windows Anticrashes Utility to start up as soon as the computer user logs into his/her session. After the computer is rebooted, the first thing that will appear when logging into Windows is the Windows Anticrashes Utility splash screen. The program will run a fake scan on the hard drive, identifying harmless files as infected. It will also claim that there are several Trojan and virus infections on the computer.
- The computer user will be prompted to click on the "Fix problems" button. Doing so will redirect him/her to a window asking for the computer user's credit card information. Windows Anticrashes Utility will claim that the computer user needs to purchase a license to use full versions of the program. Once Windows Anticrashes Utilityit has obtained the credit card information, Windows Anticrashes Utilityit's job is done. The computer user will have given up his money, and Windows Anticrashes Utility will continue to infect the computer.
How Can I Remove Windows Anticrashes Utility from My Computer?
To remove Windows Anticrashes Utility, experts recommend that you use a legitimate anti-malware tool. Programs like Windows Anticrashes Utility pretend to be security programs, but are really composed of Trojans and scripts designed to harm your system. It is possible to remove Windows Anticrashes Utility manually. However, this should not be attempted by inexperienced users. Another reason to remove Windows Anticrashes Utility automatically, instead of manually, is that this program seldom travels alone. It is very likely that the computer was attacked by multiple other infections from the same source as the Trojan which installed Windows Anticrashes Utility. Removing Windows Anticrashes Utility manually may not take care of other malicious threats on your system.
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %AppData%\Microsoft\[RANDOM CHARACTERS].exe |
Registry Details
Messages
The following messages associated with Windows Anticrashes Utility were found:
|
Microsoft Security Essentials Alert
Potential Threat Details Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click 'show details' to learn more. |
|
System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended. |
|
Threat prevention solution found
Security system analysis has revealed critical file system vulnerability caused by severe malware attacks. Risk of system files infection: The detected vulnerability may result in unauthorized access to private information and hard drive data with a serious possibility of irreversible data loss and unstable PC performance. To remove the malware please run a full system scan. Press 'OK' to install the software necessary to initiate system files check. To complete the installation process please reboot your computer. |
|
Warning!
Location: c:\windows\system32\taskmgr.exe Viruses: Backdoor.Win32.Rbot |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.