Windows Antivirus Patch
Windows Antivirus Patch Description
Windows Antivirus Patch, contrary to its name, doesn’t have any genuine or functional anti-virus or security features, although its looks and pop-ups will try to convince you differently. Like other fake anti-virus programs that are classified under Win32/FakeVimes, Windows Antivirus Patch displays inaccurate security information as part of a plan to con you out of money and personal information in the registration process for its software.
Windows Antivirus Patch: Neither a Patch Nor an Antivirus Program
Windows Antivirus Patch’s name may evoke pretensions of upgraded Windows security, but Windows Antivirus Patch’s functions don’t even come close to living up to its marketing. As a recent variant of other rogue anti-virus programs, Windows Antivirus Patch can be recognized due to its resemblance to scamware like CleanUp Antivirus, Additional Guard, Windows Stability Guard, Windows No-Risk Center, Live PC Care, Smart Internet Protection 2012, Windows Custodian Utility, Windows PC Aid, Strong Malware Defender, Windows Active Defender, Windows Safety Module, Windows Telemetry Center, Windows Privacy Counsel, Windows Security System, Volcano Security Suite, Total Anti Malware Protection, Windows Guardian Angel, Windows Protection Master, Windows Health Keeper, Windows Pro Web Helper, Windows Instant Scanner, Security Antivirus, Windows Functionality Checker, Windows Safety Manager, Windows Web Combat, Home Malware Cleaner, Windows Software Saver, My Security Shield, Windows Guard Solutions, Home Safety Essentials, Windows Maintenance Guard, Windows Virtual Firewall, Windows Safety Series, Keep Center Keeper, Best Antivirus Software, Windows Secure Workstation, Windows Be-on-Guard Edition, Windows Antivirus Release, Windows Process Director, Windows Advanced Security Center, Windows Proactive Safety, Virus Doctor, Windows Warding System, Windows Enterprise Suite, Windows Control Series, Windows First-Class Protector, Windows Debug Center, Internet Security Essentials, Windows Care Taker, Windows Ultimate Security Patch, Internet Security Suite, Enterprise Suite, VirusSecurity, Personal Security Sentinel, Windows Protection Unit, Windows Malware Sleuth, Windows Managing System, Windows Efficiency Accelerator, Windows Safety Checkpoint, Windows PRO Scanner, Windows Privacy Extension, Windows Anti-Malware Patch, Windows Premium Guard, Windows Security Renewal, System Protection Tools, Personal Internet Security 2011, Smart Virus Eliminator, My Security Engine, Windows Problems Stopper, Windows Performance Adviser, Windows Sleek Performance, Windows Expert Series, Windows Premium Defender, Smart Security, Security Master AV, My Security Wall, Windows Tools Patch, Windows Antivirus Machine, Windows System Defender, Smart Anti-Malware Protection, Windows Guard Tools, Windows Firewall Constructor, Windows Daily Adviser, Windows Safety Wizard, Windows Private Shield, Windows Interactive Security, Windows Web Commander, Windows Personal Doctor, Windows Antivirus Rampart, Windows Abnormality Checker, Windows Secure Surfer, Windows Internet Booster, Windows Virtual Angel, Windows No-Risk Agent, Fast Antivirus 2009, Windows Pro Safety, Smart Internet Protection 2011, Windows Risk Minimizer, Windows Privacy Module, Windows Protection Maintenance, Windows Software Keeper, Windows AntiHazard Center, Antivirus Smart Protection, Windows Interactive Safety, Windows Safety Maintenance, Live Enterprise Suite, Windows Activity Debugger, Windows Crucial Scanner, PrivacyGuard PRO, Windows Virus Hunter, Windows Trouble Taker, Windows Safeguard Upgrade, Windows Maintenance Suite, Windows Custom Safety, Windows Active Guard, XP Smart Security, Windows Performance Catalyst, Windows Smart Partner, Windows Shielding Utility, Windows Pro Solutions, Windows Premium Console, Extra Antivirus, Windows Security Suite, PC Live Guard, Windows Defence Counsel, Windows Home Patron, Smart Engine, Windows ProSecure Scanner, Windows Threats Destroyer, Windows Antivirus Care, Windows Basic Antivirus, Windows Antihazard Solution, Windows Ultimate Safeguard, Windows Smart Warden, Activate Ultimate Protection, Windows Safety Toolkit, Windows High-End Protection, Windows Profound Security, Windows Custom Management, Windows Pro Defence, Windows Secure Workshop, Windows Turnkey Console, Windows Defending Center, Windows Pro Rescuer, Windows Secure Web Patch, Best Malware Protection, Windows Proprietary Advisor, Windows Enterprise Defender, Windows Virtual Security, Windows Advanced User Patch, Anti-Malware Lab, Windows Advanced Toolkit, Windows Shield Tool, Windows AntiHazard Helper, Windows ProSecurity Scanner, Windows Pro Safety Release and Windows Multi Control System. Features that are included in Windows Antivirus Patch’s fake security package, such as its Advanced Process Control should always be ignored and remain unused, since SpywareRemove.com malware research team has confirmed that Windows Antivirus Patch has no real features that could protect your PC from any kind of PC threats. Windows Antivirus Patch starts with Windows due to its use of typical Registry exploits and displays fraudulent pop-up alerts without your permission.
Windows Antivirus Patch may also include fake security alerts while blocking other applications, pretend to scan your computer so that it can display erroneous results or repeatedly request that you register its software for your own safety. Of course, since these are all just part of Windows Antivirus Patch’s scam to steal your money, SpywareRemove.com malware experts recommend against buying Windows Antivirus Patch, although faking Windows Antivirus Patch’s registration with the code ’0W000-000B0-00T00-E0020′ can be used to reduce its attacks.
The Security Pitfalls That Turn Windows Antivirus Patch from an Annoyance into a Danger
Windows Antivirus Patch also shares in its keeping the same security issues that other FakeVimes-based rogue AV applications are known to exhibit, and these attributes cause SpywareRemove.com malware experts to recommend Windows Antivirus Patch’s total and rapid-fire deletion from any PC. Although competent anti-malware scanners can detect and remove Windows Antivirus Patch, until you disable and delete Windows Antivirus Patch from your computer, you’re at risk for a variety of security-reducing attacks:
- Security features and programs that are baseline to Windows, such as Task Manager, the UAC and file signature verification can be disabled by Windows Antivirus Patch, which places your computer in a heightened state of vulnerability to PC threats.
- Hosts file exploits may be used to redirect your online searches to unfamiliar sites or block websites that could assist you with removing Windows Antivirus Patch.
- Other anti-malware and security programs may also be blocked. However, SpywareRemove.com malware researchers note that disabling Windows Antivirus Patch should allow you to access your software once more and take appropriate steps to insure Windows Antivirus Patch’s complete deletion.
Windows Antivirus Patch Automatic Detection Tool (Recommended)
Is your PC infected with Windows Antivirus Patch? To safely & quickly detect Windows Antivirus Patch, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Windows Antivirus Patch
What happens if Windows Antivirus Patch does not let you open SpyHunter or blocks the Internet?
Visual & GUI Characteristics
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 %APPDATA%\ Protector-tjlu.exe 234 2 Windows Antivirus Patch.lnk 110 3 %AppData%\NPSWF32.dll N/A 4 %AppData%\result.db N/A 5 %AppData%\Protector-[RANDOM CHARACTERS].exe N/A 6 %CommonStartMenu%\Programs\Windows Antivirus Patch.lnk N/A 7 %Desktop%\Windows Antivirus Patch.lnk N/A
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-4-7_2"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "ahwohainwk"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRunDll.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidef.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\inetlnfo.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscn95.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds-3.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupdate.exe
Additional Information
- The following messages's were detected:
# Message 1 Error
Trojan activity detected. System data security is at risk.
It is recommended to activate protection and run a full system scan.2 Warning
Firewall has blocked a program from accessing the Internet
C:\program files\internet explorer\iexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.3 Warning! Identity theft attempt Detected
Hidden connection IP: 58.82.12.124
Target: Your passwords for sites
Posted: April 16, 2012 | By SpywareRemove
MoreThreat Level: 10/10
(No Ratings Yet)
Loading ...Rate this article:
Detection Count: 3,183
There is a real program called Antivirus Patch that these hackers are trying to copycat. Good that I found this post or I would have purchased the Antivirus Patch malware program. Thank God for you guys!