Welcome to the Virus Encyclopedia of Panda Security.
SysinternalsAntivirus is an adware program that attempts to deceive users by using a known name to be called, like Sysinternals, whose owner is Microsoft.
Once installed, prevents users from working with the computer properly, as it does not allow the files with an EXE extension to be run. In fact, when any of these files is run, a message like the following is displayed informing users that this file is infected:.
Additionally, it carries out the following actions, which are common of this type of fake antivirus programs:
SysinternalsAntivirus creates a directory called Sysinternals Antivirus in the Program Files directory and a group of programs in the Start menu with the same name.
SysinternalsAntivirus creates the following files:
SysinternalsAntivirus creates the following entries in the Windows Registry:
SysinternalsAntivirus modifies the following Windows Registry entry, so that whenever a file with an EXE extension is run, the file belonging to the fake antivirus program is run instead of the corresponding file:
SysinternalsAntivirus can reach the computer when the user accesses certain websites which display banners or pop-up windows which lead to the download of this program. It can also reach the computer in a link that can be received via spam messages, fraudulent websites, etc.
SysinternalsAntivirus is 13,849,600 bytes in size.