Windows Antivirus Release

Windows Antivirus Release Description

Type: Rogue AntiSpyware Programs

ScreenshotWindows Antivirus Release is a fake anti-spyware application that pretends to scan your computer and find viruses on your system that are absolutely false. Windows Antivirus Release is another member of the FakeVimes family and has countless clones. Windows Antivirus Release attempts to persuade you into purchasing its 'full version' to remove these supposed malware infections. Windows Antivirus Release uses intentional false positives to scare affected PC users that their computers have been infected with numerous security threats. In some cases, the falsified threats are Trojan infections that advertise or even directly install Windows Antivirus Release.

Windows Antivirus Release invades your computer system as a Trojan or a tricky download, and once installed it immediately starts displaying fake pop-up alerts to frighten you that your PC is at risk. The truth is that your computer has been compromised, but the main problem is Windows Antivirus Release itself. ESG's malware analysts highly recommend you not to believe anything related to Windows Antivirus Release and purchase this malware application. It is highly recommended to remove Windows Antivirus Release scam program from the infected PC as quickly as possible after detection.

The numerous rogue security programs that use the same misleading tactic of Windows Antivirus Release include Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.

Technical Information

Screenshots & Other Imagery

SpyHunter Detects & Remove Windows Antivirus Release

Windows Antivirus Release Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

Windows Antivirus Release creates the following file(s):
# File Name MD5 Detection Count
1 Protector-afnq.exe 960f698531cd8d92298e4e61f1bd0e1b 1
2 %AppData%\Protector-[rnd].exe N/A

Registry Details

Windows Antivirus Release creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe

More Details on Windows Antivirus Release

The following messages associated with Windows Antivirus Release were found:
Firewall has blocked a program from accessing the Internet
Internet Explorer
C:program filesinternet exploreriexpolre.exe
C:program filesinternet exploreriexpolre.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Please click "Prevent attack" button to prevent all attacks and protect your PC
Warning! Virus Detected
Threat Detected: Trojan-Downloader.Win32.Agent
Security Risk:
Infected File: regedit.exe
Description: Programs classified as Trojan download and install new versions of malicious programs, including Trojans and AdWare, on victim computers.
Please click "remove All" button to erase all infected files and protect your PC

Related Posts

Site Disclaimer is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.