Monday, July 2, 2012

Windows Interactive Security - serious computer threat

It is well-known fact that Windows Interactive Security program is a rogue security tool. If you do not know it yet then please carefully read this entry devoted to this malicious program. Here you you will find the precise description of the virus and methods on how to deal with it.


It infects the PC with its malicious roots and immediately starts implementing its plots on the computer. For example, it runs the fictitious scan of your machine and reports various fake infections. Please do not trust this faulty information you get from Windows Interactive Security hoax. The effective removal of Windows Interactive Security is available for you by means of Trojan Killer. If you have any questions please do not hesitate to contact us at any time http://trojan-killer.net/support/

Files

In the process of the installation, Windows Interactive Security copies the following files to the hard disk.

  • %AppData%\NPSWF32.dll
  • %AppData%\Protector-[rnd].exe
  • %AppData%\result.db

4. System registry

Windows Interactive Security creates the following registry entries:

  • HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Inspector %AppData%\Protector-[rnd].exe
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\UID [rnd]
  • HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0
  • HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
  • HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe

Windows Interactive Security malware remover:

malware removal tool

Posted by at
Labels: , , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)