Click on screenshot to zoom
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer

Windows Antispy Network

It would seem as though developers of rogue antispyware applications such as Windows Antispy Network has been hard at work at developing sophisticated applications to rip consumers off. Windows Antispy Network, which derives from the same hated family of rogues as the famed Privacy Center, enters the system surreptitiously and roots itself there without the user’s knowledge. Despite its seemingly genuine and misleading GUIs, Windows Antispy Network does not have the ability to protect the system against any type of threat.

Many different routes of infection can be used to root the Windows Antispy Network infection into the PC. These vary from rubbish online malware scanners panicking users into downloading Windows Antispy Network, and seditious browser hijacking websites who make use of drive-by download tactics. Another tactic includes using infected online flash ads as part of Windows Antispy Network’s online marketing campaign.

As a first line of attack against the system, Windows Antispy Network will be configured to start up each time the user logs on to Windows. It will then initiate a fake system scan which will report on false threats such as Unknown Win21/Trojan ,Trojan.Horse.Win32.PAV.64.a and Backdoor.Win32.Rbot, among others. It will also proceed to block the user’s access to the Internet, and prevent him from executing any application on the infected PC.

As a further attack, Windows Antispy Network will consume many of the system’s resources which will result in a terribly slow and poorly functioning system. It will also spam the user with various false security notifications in the form of pop ups. These pop ups usually contain a call to action which if acted upon, will make it that much easier for the rogue to fleece the user out of his money. Never react to any call to action initiated by Windows Antispy Network, and accept all correspondence received by the rogue as heavily suspect. Some of the more popular fake alerts to be on the lookout for include the following:

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.

Warning!
Location: c:\windows\system32\taskmgr.exe
Viruses: Backdoor.Win32.Rbot

In order to regain control back of your system, and to restore the PC’s security and privacy get rid of Windows Antispy Network immediately. This will also limit the damage the rogue will be able to cause the system. So this safely by using the removal power of a genuine security tool which will also go on to provide protection against similar attacks in future.

Download Spyware Removal Tool to Remove* Windows Antispy Network
  • Quick & tested solution for Windows Antispy Network removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Windows Antispy Network

Files associated with infection (Windows Antispy Network):

%AppData%\Microsoft\[random].exe

Processes to kill (Windows Antispy Network):

%AppData%\Microsoft\[random].exe

Remove registry entries (Windows Antispy Network):

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe "Debugger" = 'svchost.exe'
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.