Windows Interactive Security is an ordinary badware program that is meant to reduce the savings from the gullible Internet surfers. You should keep in that this is malicious application, since it is really unwanted one. It was fabricated by the team of cyber criminals with one purpose only - to trick and fool many people around the world. If you read this entry, probably you have run into this scamware too. The negative impact of this tool is guaranteed for you.
As its predecessors from FakeVimes virus clan, Windows Interactive Security enters your PC via security vulnerabilities really unexpectedly. It does not wait for your permission or approval and starts its bogus activity. It launches falsified system scanners and ends up with invented scanning results. You are told to detect some potentially insecure stuff and in order to remove them you are offered to purchase the licensed version of Windows Interactive Security. It goes without saying that this is a virus and should be deleted without lingering. The quicker you remove this hoax the better for your safety.
The first signs that your PC is infected with Windows Interactive Security rogue
• Unauthorized startups of the rogue each time you switch the PC on
• General system slowdown
• Possible browser redirection issues
• Permanent fake scans of you PC by Windows Interactive Security malware
• Probable inability to launch legitimate security software (blockage on the part of Windows Interactive Security scam)
• Probably inability to download legitimate security software (blockage on the part of Windows Interactive Security fake AV)
• Offers of the rogue for you to buy its fake license that can’t remove real threats.
• Increase of potential risks for your PC to be even more infected (if you fail to remove the hoax on time)
As we have already said above you should get rid of this parasite at once. You should do it by means of legit anti-virus tool. If you have reliable anti-virus, it is very good, if you are still in search why not try GridinSoft Trojan Killer, a powerful anti-virus solution able to detect different malicious objects without any special efforts on your part.
Recommended solution for Windows Interactive Security virus removal:
• Open your browser or “My Computer” window
• Ignore fake security notifications of Windows Interactive Security rogue, its bogus warnings, popups and ads
• In the address field insert the Web address of GridinSoft Trojan Killer – http://trojan-killer.net,download, install, update and run Trojan Killer,remove all threats Trojan Killer detected,reboot you PC to appy all changes made.
3. Files
Protector-[rnd].exe in %AppData% folder
4. System registry
Windows Interactive Security creates the next registry entries:HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\
Inspector = %AppData%\Protector-[random].exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\aAvgApi.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\About.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\ackwin32.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ad-Aware.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\AdwarePrj.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentsvr.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentw.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\alevir.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\alogserv.exe\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV\
Debugger = svchost.exe
HKEY_LOCAL_MACHINE\software\microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV.exe\
Debugger = svchost.exe
No comments:
Post a Comment