Windows Inviolability System is one of those fake anti-spyware programs that are designed to scare you into thinking -ironically- that your computer is infected and attacked by various Trojans and malwares.
At first, the real Trojan will notify the user that a certain file is infected with an Unknown Win32/Trojan. It will then start a fake scan on your system at the end of which you will be prompted that a particular file is infected with Trojan.Horse.Win32.PAV.64.a.
The Trojan will then pop-up a message box suggesting that the only way to get rid of the threat is by installing and downloading Windows Inviolability System. By clicking the OK button, Windows Inviolability System will be automatically downloaded and installed on your system.
Once installed Windows Inviolability System will make it so you won’t be able to access your normal desktop screen. Instead you will be presented with a Windows Inviolability System window that will prompt you to perform another scan on your computer.
Of course, this scan process is also a fake, the tricky part however is that you are not able to access your desktop screen unless you go through this scanning process.
Once the fake scanning is complete, Windows Inviolability System will alert you that your system is highly at risk and that in order to get rid of these threats you will need to buy the full version of Windows Inviolability System.
Do NOT give away your credit card information as this is merely a scam in order for you to give away your money and credit card information. The so called full version of the program is also a fake.
Now, before we go on with the disinfection process you need to keep in mind that:
- You won’t be able to access your normal desktop screen unless you go through the tedious fake scanning process. After that you will be able to press X in the top-right side of the Windows Inviolability System window.
- You will need to download RKill, Shell.reg and Malwarebytes’ Anti-Malware MBAM.
- You might not be able to access the internet from the infected machine. If that’s the case you will need to download the above mentioned programs on another clean computer after which you will transfer these necessary programs on the infected machine via CD/DVD, USB flash drive etc.
Windows Inviolability System Removal Guide
-Install and run RKill on the infected machine in order to kill any Windows Inviolability System related processes. In case Windows Inviolability System gives you a hard time scanning your computer and you are not able to do so, try downloading a renamed version of RKill (e.g. iExplorer.exe) from the RKill link provided above. After finishing this step do NOT reboot your computer or you will need to start the guide all over again.
-Now, before we get to MBAM and the actual disinfection you will need to restore your Windows Registry Shell value else you will not be able to access your normal desktop screen after you get rid of Windows Inviolability System. Run Shell.reg and let it merge the data.
-It’s time to make use of Malwarebytes’ Anti-Malware (MBAM). Start the installation process by double-clicking on mbam-setup.exe and make sure that while at the installation process the buttons named Update Malwarebytes’ Anti-Malware and Launch Malwarebytes’ Anti-Malware are checked. After the installation is complete reboot your computer if prompted to do so.
-Once your system reboots MBAM will start and update itself automatically. Go to the Scanner tab, make sure that the Perform Full Scan is checked and then press the Scan button below. MBAM will now scan your computer for threats.
-After the scanning is complete you will be presented with a list of threats found on your computer. Make sure all these threats are checked and then press the Remove Selected button below. After MBAM finishes removing these threats you might be prompted for a reboot. Please do so.
If you have followed these steps accordingly your computer should now be clean. However consider following this Secunia PSI guide in order to detect if there are any vulnerable programs on your system that might leave the door open for future threats.