Winsos
Winsos is a Rogue Security Program. A Rogue Security Program is software that purports to scan and detect malware or other problems on the computer, but which attempts to dupe or badger users into purchasing the program by presenting the user with
intrusive, deceptive warnings and/or false, misleading scan results. Rogue Security Programs typically use aggressive, deceptive advertising and may be installed without adequate notice and consent, often though exploits.0
General information:
| Malware Name: |
Winsos |
| Malware Type: |
Rogue Security Program |
| Company Name: |
WinSos |
| Company URL: |
http://winsos.com/
|
| Threat Level: |
Medium Risk |
| Operating System: |
WIN XP |
| Installation Type: |
Installed through EXE |
| Operation: |
Time of After Installation. |
Company Description:
With WinSos we can delete spyware, optimize our computer's performance and get problems with our computer fixed either by a remote technician or at our home. WinSos also allows us to backup and restore, in one click, our Outlook Express e-mail
boxes, address books, outlook office 2000, 2002, 2003, XP and all other elements stored on our computer. This back up is encrypted and can be stored on a USB key, zip reader, cd, hard disk, remote computer
Spyware Description:
Winsos is a Rogue Security Program. A Rogue Security Program is software that purports to scan and detect malware or other problems on the computer, but which attempts to dupe or badger users into purchasing the program by presenting the user with
intrusive, deceptive warnings and/or false, misleading scan results. Rogue Security Programs typically use aggressive, deceptive advertising and may be installed without adequate notice and consent, often though exploits.0
Characteristics/Symptoms:
-> False positives work as good to purchase -> False scan results -> Uses inadequate scan/detection scheme -> Uses out of date ref database0
Additional information might be found here:
Processes Running:
WINSOS.EXE
File information Created after Installation:
| File Location |
Size (Bytes) |
Type |
| C:\Program Files\Winsos\AUTO.txt |
6 |
Text Document |
| C:\Program Files\Winsos\anti-spy.exe |
823240 |
Application |
| C:\Program Files\Winsos\update.exe |
162049 |
Application |
Folder information Created after Installation:
| Folder Location |
| C:\Program Files\Winsos\TEMP |
| C:\Program Files\Winsos\TEMPZIP |
Registry information Created after Installation:
| Main Registry Key |
Sub Registry Key |
Key Value Name |
| HKEY_CURRENT_USER |
\Software\Microsoft\Windows\CurrentVersion\Run |
WINSOS VERIFY |
| HKEY_LOCAL_MACHINE |
SOFTWAREMicrosoftWindowsCurrentVersionUninstallWINSOS SOFTWARE LIMITED_is1 |
HelpLink |
| HKEY_LOCAL_MACHINE |
\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\WINSOS SOFTWARE LIMITED_is1 |
Inno Setup: User |
