Windows AV Software
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 4 |
| First Seen: | February 22, 2011 |
| Last Seen: | January 8, 2020 |
| OS(es) Affected: | Windows |
Windows AV Software Image
Windows AV Software is not the generic name for some kind of pre-installed Windows program. In fact, Windows AV Software is malware, which has no legitimate ties to Windows or to Microsoft. As a fake security program, Windows AV Software is part of a scam, designed to frighten you into believing that you have no choice but to purchase a license for Windows AV Software in order to ensure your PC security. Nothing could be farther from the truth, because Windows AV Software is incapable of doing anything worthwhile or beneficial.
Table of Contents
Symptoms Caused by Windows AV Software
When Windows AV Software is infecting your computer, Windows AV Software will use a combination of scare tactics and ransoming in order to try to manipulate you into paying the bogus "license" fee. The symptoms you'll notice will include the following:
- Windows AV Software will run every time you start Windows, and Windows AV Software will load its phony interface before you even see the desktop. The interface uses the Windows name and logo, without permission, and all of the information presented on the interface is false. That includes the fake scan and horrible scan results that Windows AV Software will show you, because Windows AV Software can't actually detect threats. Nonetheless, Windows AV Software will demand that you upgrade to its "licensed" or "registered" version by paying a fee.
- After the fake scan is done, you will be able to get Windows to load until the end, although it will be effectively useless. Windows AV Software will cause pop-up security alerts to appear, and the alerts will say the same few things over and over – especially that Firefox is a keylogger, someone is trying to tamper with your "register keys," and that lsass.exe has caused some kind of catastrophic problem. These alerts are supposed to scare you, and they will ultimately try to lead you to a purchase website for Windows AV Software. Needless to say, the threats they warn you about are nonexistent.
- Windows AV Software will prevent all other programs from running, with the exception of your web browser, which Windows AV Software will severely disable. You will not be able to get to any websites other than the payment page for the Windows AV Software scam.
- Windows AV Software accomplishes its ends by making several changes to the Registry. These changes will prevent you from using Task Manager, the Control Panel, Regedit, or any real anti-virus software you may have – meaning that you can't use any of these things to try to remove Windows AV Software.
- It is important to remember that no matter which threats Windows AV Software claims to have found, those threats are not present on your computer. Also, remember that no matter how much you pay in bogus license fees, Windows AV Software will neither become functional anti-virus software nor stop demanding money. There is simply no good reason to pay the fee that Windows AV Software demands.
Origins of the Windows AV Software Infection
Most people who find Windows AV Software on their computers are surprised to see Windows AV Software, because Windows AV Software generally is not something that you download knowingly. This is due to the fact that Windows AV Software relies on a Trojan in order to infiltrate and infect PCs, and the Trojan is downloaded without your knowledge. As the name suggests, the Trojan used by Windows AV Software is usually hidden in a file that looks ordinary or harmless, such as a program update, or a flash update. However, when you download updates from third-party sites or sketchy sites, you run the risk of downloading a fake update and getting a Trojan instead. The Trojan that supports Windows AV Software may also be downloaded to your computer when you visit a fake scanner site or click on a link in a malicious advertisement, or it may even be attached to a spam email.
Regardless of how the Trojan gets onto your computer, once it has found a way in, it always does the same thing: it creates fake Microsoft Security Essentials Alerts. The alerts pops-up from the system tray and they look just like the alerts actually generated by the free Windows-based security program Microsoft Security Essentials. These phony alerts always follow the same pattern, too, which is to claim that an unknown Trojan has been found, then claim to identify it, and then offer a free software download in order to remove the Trojan. Then, if you agree to download the "free software" offered in the last alert, you download Windows AV Software. The malware will install itself, make changes to the Registry, and cause your computer to reboot – after which Windows AV Software will be active.
Windows AV Software comes from a family of dozens of rogue anti-virus programs, the family which can be grouped together based on their use of the Fake Microsoft Security Essentials Alert Malware. This family of fake security applications uses names that follow a formula. The first word is always "Windows," and then there are one or two other words taken from lists. Several dozen combinations of these words have been used to create names for phony programs, and collectively, these fake security programs are the basis for a Russian Internet-based scam. Some examples of other rogue anti-virus programs from Windows AV Software's family are Fortunately, Windows AV Software can be safely removed, with proper anti-virus software and technical support. Also, its Mad-libs-style naming conventions make it relatively easy to recognize a fake security program that belongs to this malware family.
SpyHunter Detects & Remove Windows AV Software
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | ylfvjc.exe | 616fa111e4d544ca6da6d31462b0153f | 1 |
