Windows Interactive Security will do its best in trying to make you think it is legitimate. However, while it may look as 'good' anti-spyware for you, in reality it belongs to 'rogue' category and Fakevimes family. That means, it's almost impossible for the user to notice the moment of its infiltration and then it becomes hard to ignore its alerts and scanners reporting about numerous viruses detected. Keep in mind that no matter that this application looks OK from the first sight, Windows Interactive Security is capable to warn its victims only about invented viruses. Of course, it does that for the serious aim – this program tries to make them purchase its fake license. If you have also been surprised by Windows Interactive Security alerts, you are highly recommended to remove Windows Interactive Security from your computer without any delay.
Windows Interactive Security distribution methods
Windows Interactive Security comes from a trojan virus that can easily be downloaded together with fake flash updates or other downloads that are infected. Note that the only way to prevent such intruders is installing reputable anti-spyware program, so do that without any delay if you have no anti-malware on board. In addition, this trojan sets rogueware to start as soon as PC is rebooted and then also uploads some harmful files on the system that additionally are detected as malware. As a result, when inside your machine, Windows Interactive Security keeps on displaying false spyware detection alerts and fake scanner ads telling that you are dangerously infected. These bogus messages interrupt victims every time they start using their computers and pop up as soon as they open the search window.
Some of these alerts from Windows Interactive Security look like that:
Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click ‘show details’ to learn more.
By scaring you about the problems found on your computer, Windows Interactive Security wants you to go further and purchase its licensed version. However, filling payment details and eventually purchasing this version means giving your money for scammers. So, make sure you don't believe Windows Interactive Security ads and ignore its offers pushing you into purchasing its license. If you have already paid for this scam, you must contact your credit card company to dispute the charges and, of course, you are highly recommended to remove Windows Interactive Security from your PC.
How to remove Windows Interactive Security?
We recommend using Spyhunter or STOPzilla anti-malware tools that will find and remove all infected files for you.
The latest parasite names used by FakeVimes:
Windows Interactive Security manual removal:
Protector-[3 random characters].exe
Protector-[4 random characters].exe
Delete registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegedit" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegistryTools" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableTaskMgr" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "ID" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "net" = "2012-2-17_2"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avp32.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avpcc.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashDisp.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsdivx.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmostat.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsplatin.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstapinstall.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionszapsetup3001.exe
There are more similar entries, you should let spyware Doctor to identify them.
%AppData%Protector-[3 random characters].exe
%AppData%Protector-[4 random characters].exe