Multi-Device Licenses (Volume Discounts)

Change Region

English
Threat Database Rogue Anti-Spyware Program Windows Attention Utility

Windows Attention Utility

By JubileeX in Rogue Anti-Spyware Program

Windows Attention Utility Image

Windows Attention Utility is a rogue anti-spyware program that has been designed by the cyber-criminals who aim at stealing your money and totally messing up your computer. Once the computer is infected with Windows Attention Utility, a fabricated system scan is initiated. After the Windows Attention Utility scan results, Windows Attention Utility will attack you with disturbing error or nag messages. Windows Attention Utility attempts to imitate legitimate security tool so that the targeted user can be persuaded to purchase the scam program Windows Attention Utility as a solution to removing alleged malware threats it has detected. Windows Attention Utility is usually installed by using a web scanner page created to look like legitimate Windows program screen. Sometimes Windows Attention Utility will seem to be a legitimate Flash update or video codec. Once executed, the payload is, in fact, Windows Attention Utility. Windows Attention Utility can also spread via an out-dated browser with identified security holes.ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

File System Details

Windows Attention Utility may create the following file(s):
Expand All | Collapse All
# File Name Detections
1. %UserProfile%\Application Data\Microsoft\[RANDOM CHARACTERS].exe

Registry Details

Windows Attention Utility may create the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore "DisableSR " = '1'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = '0'
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = '0'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'

Messages

The following messages associated with Windows Attention Utility were found:

Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click ‘show details’ to learn more.
System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.
Warning!
Location: c:\windows\system32\taskmgr.exe
Viruses: Backdoor.Win32.Rbot
Threat prevention solution found
Security system analysis has revealed critical file system vulnerability caused by severe malware attacks.
Risk of system files infection:
The detected vulnerability may result in unauthorized access to private information and hard drive data with a serious possibility of irreversible data loss and unstable PC performance. To remove the malware please run a full system scan. Press ‘OK’ to install the software necessary to initiate system files check. To complete the installation process please reboot your computer.

Trending

Most Viewed

Loading...