Windows Antihazard Solution
The Windows Antihazard Solution is one of the many faces of the FakeVimes family of rogue security applications. The Windows Antihazard Solution scam is not different from its clones, and has remained practically unchanged since 2009. Basically, what the Windows Antihazard Solution intends is persuade the victim to purchase a useless bogus security program. The Windows Antihazard Solution is usually accompanied with a rootkit component. This family of malware, known as FakeVimes, is responsible for installing fake security programs on the victim's computer.
The Windows Antihazard Solution infection, more accurately referred to as a Trojan, is one of a recent batch of FakeVimes clones that includes such fake security software as Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.
ESG security analysts have found versions of the Windows Antihazard Solution that receive support and protection from the ZeroAccess rootkit. This rootkit component makes the Windows Antihazard Solution more difficult to remove, effectively hiding its location on the victim's hard drive and attempting to disable any programs, applications or Windows services capable of removing the Windows Antihazard Solution. To deal with this malware threat, ESG security analysts recommend using a reliable anti-malware utility with anti-rootkit capabilities in order to handle the associated ZeroAccess infection.
Table of Contents
The Windows Antihazard Solution – A New Face for an Old Threat
Because FakeVimes has been around for such a long time, most security programs have no problem detecting and removing it. A Windows Antihazard Solution infection is no exception. Apart from its rootkit component, the Windows Antihazard Solution is not really difficult to remove. The main danger with a Windows Antihazard Solution infection is the fact that its authentic-looking interface may be enough to fool inexperienced computer users into believing that this bogus security program is the real thing. Computer systems infected with the Windows Antihazard Solution will display constant error messages that appear to come from the operating system itself, a bogus system scan, and alarming pop-up notifications. All of these are designed to convince the victim that it is necessary to purchase Windows Antihazard Solution in order to stop a nonexistent infection on the infected computer. Do not become a victim of the Windows Antihazard Solution; do not purchase this fake security program or believe any of its claims. Instead, remove Windows Antihazard Solution immediately.
Aliases
15 security vendors flagged this file as malicious.
Anti-Virus Software | Detection |
---|---|
AhnLab-V3 | Trojan/Win32.Zbot |
Kaspersky | UDS:DangerousObject.Multi.Generic |
McAfee | Artemis!5D3A89B71CF2 |
Ikarus | Trojan.Win32.Inject |
AhnLab-V3 | Trojan/Win32.Pakes |
Sophos | Troj/Ransom-IY |
McAfee-GW-Edition | Heuristic.LooksLike.Win32.Suspicious.J!86 |
BitDefender | Gen:Variant.Graftor.42564 |
Kaspersky | Trojan.Win32.Inject.enoa |
Panda | Trj/CI.A |
Fortinet | W32/Zbot.HJ |
Ikarus | Win32.Citadel |
Sophos | Mal/Zbot-HJ |
Comodo | TrojWare.Win32.Graftor.WDKJ |
BitDefender | Gen:Variant.Zusy.11803 |
Windows Antihazard Solution Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %AppData%\Protector-[RANDOM 3 CHARACTERS].exe | |
2. | %AppData%\NPSWF32.dll | |
3. | %CommonStartMenu%\Programs\Windows Antihazard Solution.lnk | |
4. | %Desktop%\Windows Antihazard Solution.lnk | |
5. | %AppData%\result.db |
Registry Details
URLs
Windows Antihazard Solution may call the following URLs:
Itvalleynews.com |