Multi-Device Licenses (Volume Discounts)

Change Region

English
Threat Database Rogue Anti-Spyware Program Windows Antivirus System

Windows Antivirus System

By LoneStar in Rogue Anti-Spyware Program

Windows Antivirus System is a fake security application which invades your computer system with the only aim to steal your money. Windows Antivirus System seems to be very much like a popular anti-virus software program, so users who do not research the application they install and run on their computers might not find it strange that Windows Antivirus System asks to purchase the license before it removes the viruses it has supposedly detected on the PC system. Windows Antivirus System executes a bogus system scan during which it allegedly detects lots of computer parasites and system errors on your computer system. Windows Antivirus System displays fake security alerts and warning messages to frighten you that your computer security is at risk. Then Windows Antivirus System claims that it can fix all found malware threats if only you would buy the license, thus buying the full version of Windows Antivirus System rogueware. Windows Antivirus System will ask for your name, last name, credit card number, expiration date and CVV2 code. If you provide this information to the creators of Windows Antivirus System, eventually they will able to access your bank account anytime, and you will be robbed off. You need to remove Windows Antivirus System from your machine as quickly as possible by using a trustworthy and effective security tool to make sure that you do not have any other computer threats beside Windows Antivirus System.

File System Details

Windows Antivirus System may create the following file(s):
Expand All | Collapse All
# File Name Detections
1. C:\Documents and Settings\\Application Data\Microsoft

Registry Details

Windows Antivirus System may create the following registry entry or registry entries:
HKEY..\..\..\..{RegistryKeys}
"ConsentPromptBehaviorAdmin"="0" "ConsentPromptBehaviorUser"="0" "EnableLUA"="0"[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe] "Debugger"="'svchost.exe'"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe] "Debugger"="'svchost.exe'"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings] "WarnOnHTTPSToHTTPRedirect"="0"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe] "Debugger"="'svchost.exe'"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe] "Debugger"="'svchost.exe'"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe] "Debugger"="'svchost.exe'"
"Shell"="'C:\Documents and Settings\{username}\Application Data\Microsoft\bmemsl.exe'"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings] "WarnOnHTTPSToHTTPRedirect"="0"
"Debugger"="'svchost.exe'"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe] "Debugger"="'svchost.exe'"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe] "Debugger"="'svchost.exe'"
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]

Related Posts

Trending

Most Viewed

Loading...