Multi-Device Licenses (Volume Discounts)

Change Region

English Português
Threat Database Rogue Anti-Spyware Program Windows Antivirus Release

Windows Antivirus Release

By Domesticus in Rogue Anti-Spyware Program
Translate To:
English

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 15
First Seen: August 8, 2012
Last Seen: January 8, 2020
OS(es) Affected: Windows

Windows Antivirus Release Image

Windows Antivirus Release is a fake anti-spyware application that pretends to scan your computer and find viruses on your system that are absolutely false. Windows Antivirus Release is another member of the FakeVimes family and has countless clones. Windows Antivirus Release attempts to persuade you into purchasing its 'full version' to remove these supposed malware infections. Windows Antivirus Release uses intentional false positives to scare affected PC users that their computers have been infected with numerous security threats. In some cases, the falsified threats are Trojan infections that advertise or even directly install Windows Antivirus Release.

Windows Antivirus Release invades your computer system as a Trojan or a tricky download, and once installed it immediately starts displaying fake pop-up alerts to frighten you that your PC is at risk. The truth is that your computer has been compromised, but the main problem is Windows Antivirus Release itself. ESG's malware analysts highly recommend you not to believe anything related to Windows Antivirus Release and purchase this malware application. It is highly recommended to remove Windows Antivirus Release scam program from the infected PC as quickly as possible after detection.

The numerous rogue security programs that use the same misleading tactic of Windows Antivirus Release include Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.
ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

SpyHunter Detects & Remove Windows Antivirus Release

Windows Antivirus Release Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

Windows Antivirus Release may create the following file(s):
Expand All | Collapse All
# File Name MD5 Detections
1. Protector-afnq.exe 960f698531cd8d92298e4e61f1bd0e1b 1
2. %AppData%\Protector-[rnd].exe

Registry Details

Windows Antivirus Release may create the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe

Messages

The following messages associated with Windows Antivirus Release were found:

Firewall has blocked a program from accessing the Internet
Internet Explorer
C:program filesinternet exploreriexpolre.exe
C:program filesinternet exploreriexpolre.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Recommended:
Please click "Prevent attack" button to prevent all attacks and protect your PC
Warning! Virus Detected
Threat Detected: Trojan-Downloader.Win32.Agent
Security Risk:
Infected File: regedit.exe
Description: Programs classified as Trojan download and install new versions of malicious programs, including Trojans and AdWare, on victim computers.
Recommended:
Please click "remove All" button to erase all infected files and protect your PC

Related Posts

Trending

Most Viewed

Loading...