Windows Abnormality Checker

Windows Abnormality Checker Description



Windows Abnormality Checker Screenshot 1Windows Abnormality Checker is a stereotypical example of what happens when criminal software designers get lazy and start creating new variants of old PC threats merely by renaming them. Like most recent members of Win32/FakeVimes, Windows Abnormality Checker looks identical to its fellow scamware variants and can be quickly identified by its fake ‘Advanced Process Control,’ ‘Anti-phishing’ and ‘All-in-one suite’ features. While Windows Abnormality Checker, as a rogue anti-spyware scanner, claims to be able to protect your computer from a colorfully diverse selection of hostile programs, including everything from keyloggers to identity theft-related attacks. However, Windows Abnormality Checker’s security information is fake and its ability to remove any kind of PC threat is less than nil. Accordingly, SpywareRemove.com malware researchers encourage you to remove Windows Abnormality Checker with your choice of actual anti-malware software ASAP.

Windows Abnormality Checker has been confirmed as a copy of other rogue AV programs like VirusSecurity, Windows Managing System, Windows Proactive Safety, Windows Custom Management, Windows Telemetry Center, Windows Web Combat, Windows Enterprise Defender, Enterprise Suite, Windows Performance Catalyst, Windows AntiHazard Center, Windows Custom Safety, Windows Security Suite, PC Live Guard, Windows Safety Checkpoint, Total Anti Malware Protection, Windows ProSecurity Scanner, Windows Secure Surfer, Windows Control Series, Windows Protection Unit, Smart Internet Protection 2012, Windows Warding System, Windows Premium Console, Windows Security Renewal, Windows Care Taker, Windows Guard Solutions, Windows Safety Module, Windows PC Aid, Security Antivirus, Keep Center Keeper, Windows Safety Manager, Windows Pro Defence, Windows Smart Partner, Windows Proprietary Advisor, Windows Antivirus Machine, Windows Virtual Security, Home Safety Essentials, Windows Risk Minimizer, Additional Guard, Windows Advanced User Patch, Windows Virtual Angel, Windows Anti-Malware Patch, PrivacyGuard PRO, Windows Premium Guard, Windows Safety Toolkit, Smart Anti-Malware Protection, Strong Malware Defender, Windows Threats Destroyer, Smart Virus Eliminator, Windows Pro Safety Release, Windows Maintenance Guard, Windows Debug Center, Windows Guard Tools, System Protection Tools, Live PC Care, Windows Pro Solutions, Windows Safety Maintenance, Windows Health Keeper, Windows Defence Counsel, Windows Shielding Utility, Windows Pro Rescuer, Activate Ultimate Protection, Windows Home Patron, Windows Security System, Windows Efficiency Accelerator, Windows High-End Protection, Windows Internet Booster, Windows Advanced Security Center, Windows Functionality Checker, Windows Safeguard Upgrade, Windows Virus Hunter, Windows Basic Antivirus, My Security Engine, Windows Premium Defender, Windows Daily Adviser, Windows Private Shield, My Security Shield, Windows First-Class Protector, Windows Activity Debugger, Windows Privacy Extension, Best Antivirus Software, Windows Antivirus Care, Windows Stability Guard, Windows Privacy Counsel, Smart Engine, Windows Maintenance Suite, Windows Process Director, Anti-Malware Lab, Windows Antivirus Patch, Windows Safety Wizard, Windows Antivirus Rampart, Windows Interactive Security, Windows Personal Doctor, CleanUp Antivirus, Windows Antihazard Solution, Windows Multi Control System, Live Enterprise Suite, Windows Protection Master, Windows Guardian Angel, Windows Custodian Utility, XP Smart Security, Volcano Security Suite, Windows Pro Web Helper, Home Malware Cleaner, Windows Web Commander, Windows Protection Maintenance, Windows PRO Scanner, Windows Trouble Taker, Windows Problems Stopper, Security Master AV, Virus Doctor, Extra Antivirus, Best Malware Protection, Windows Defending Center, Windows Secure Web Patch, Windows Active Guard, Windows Enterprise Suite, Windows Be-on-Guard Edition, Windows Malware Sleuth, Windows Active Defender, Windows Firewall Constructor, Windows Pro Safety, Windows AntiHazard Helper, Windows System Defender, Personal Internet Security 2011, Internet Security Essentials, Antivirus Smart Protection, Windows Profound Security, Windows Interactive Safety, Windows No-Risk Agent, Windows Performance Adviser, Fast Antivirus 2009, Smart Security, Windows ProSecure Scanner, Windows Turnkey Console, Windows Shield Tool, Windows Tools Patch, Windows Software Saver, Windows Ultimate Security Patch, Windows Safety Series, Internet Security Suite, Windows Instant Scanner, Personal Security Sentinel, Windows Advanced Toolkit, Windows Secure Workshop, Windows Ultimate Safeguard, Windows Privacy Module, My Security Wall, Smart Internet Protection 2011, Windows Expert Series, Windows Antivirus Release, Windows Smart Warden, Windows Crucial Scanner, Windows Virtual Firewall, Windows No-Risk Center, Windows Software Keeper, Windows Sleek Performance and Windows Secure Workstation. You should never treat Windows Abnormality Checker like a legitimate security application. While Windows Abnormality Checker will persistently show off a wide range of fake system alerts and other pop-ups to support its malware-riddled system scans, all of Windows Abnormality Checker’s system diagnostic information is preset and, therefore, inaccurate.

SpywareRemove.com malware researchers also note that Windows Abnormality Checker and similar types of rogue anti-spyware scanners from FakeVimes can also use other functions besides fake security features while attacking your PC.
Download SpyHunter Spyware Scanner
Some of the most significant such hostile functions include:
  • Attempts by Windows Abnormality Checker to redirect your online searches to unusual sites for the sake of easy PPC profit.
  • Windows Abnormality Checker blocking your legitimate security programs, including anti-malware and anti-spyware products, to prevent you from running them (and, in all likelihood, deleting Windows Abnormality Checker itself).
  • Generally-reduced Windows security features that can make your PC unusually vulnerable to future attacks by PC threats; some examples include disabled UAC functionality and disabled protection from invalid file signatures.

How to Banish Windows Abnormality Checker and Restore Your PC to Normalcy


While Windows Abnormality Checker should, like any type of malicious software, be removed as soon as possible, Windows Abnormality Checker may also block the anti-malware software that you’d prefer to use for the task. In such instances, SpywareRemove.com malware experts suggest disabling Windows Abnormality Checker (by using Safe Mode or similar options) or using a brand of anti-malware product that isn’t blocked by Windows Abnormality Checker in the first place. Removing Windows Abnormality Checker ‘by hand,’ while possible, carries with it a significant risk of damaging your operating system, as Windows Abnormality Checker, like all members of FakeVimes, changes the Windows Registry, Hosts file and other system components.

SpywareRemove.com malware research team also recommends attempting to fake the registration process for Windows Abnormality Checker if deleting Windows Abnormality Checker right away proves to be extremely troublesome. The freely-distributed code ’0W000-000B0-00T00-E0020′ will let you do this without spending a dime in the direction of Windows Abnormality Checker’s criminal partners.

Windows Abnormality Checker Automatic Detection Tool (Recommended)


Is your PC infected with Windows Abnormality Checker? To safely & quickly detect Windows Abnormality Checker, we highly recommend you run the malware scanner listed below.



Visual & GUI Characteristics


Windows Abnormality Checker Screenshot 2Windows Abnormality Checker Screenshot 3Windows Abnormality Checker Screenshot 4Windows Abnormality Checker Screenshot 5Windows Abnormality Checker Screenshot 6Windows Abnormality Checker Screenshot 7Windows Abnormality Checker Screenshot 8Windows Abnormality Checker Screenshot 9Windows Abnormality Checker Screenshot 10

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 %APPDATA%\ Protector-tisf.exe 213
    2 %APPDATA%\ Protector-npvl.exe 12
    3 %AppData%\result.db N/A
    4 %AppData%\NPSWF32.dll N/A
    5 %AppData%\Protector-[RANDOM CHARACTERS].exe N/A
    6 %Desktop%\Windows Abnormality Checker.lnk N/A
    7 %StartMenu%\Programs\Windows Abnormality Checker.lnk N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Inspector %AppData%\Protector-[RANDOM CHARACTERS].exeHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\UID [RANDOM CHARACTERS]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXEHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
Posted: May 11, 2012 | By
Share:
Follow Me on Pinterest More More
Threat Level: 10/10
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Rate this article:
Detection Count: 91

One Comment

Leave a Reply

What is 14 + 8 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)