Windows Attacks Defender

Windows Attacks Defender Description



Windows Attacks Defender Screenshot 1Windows Attacks Defender is another variant of Windows PRO Scanner and other fake anti-virus scanners from the subgroup of scamware, and like its relatives, substitutes fake threat detection for the real thing. Unfortunately, although Windows Attacks Defender does create a convincing facsimile of security software with fake system scans, fake firewall settings and even a replacement for the Task Manager, the only thing that Windows Attacks Defender is capable of defending is itself – with attacks that shut down your computer’s security software and hijack your web browser. SpywareRemove.com malware research team recommends that you treat Windows Attacks Defender as no better than other members of its family, and delete Windows Attacks Defender with reputable anti-malware software that can match the boasts that Windows Attacks Defender makes of its own security features.

Windows Attacks Defender: a Newborn to a Poorly-Received Family of Frauds


Windows Attacks Defender is still, as of early March 2012, a very new PC threat, but Windows Attacks Defender is based on rogue anti-virus applications that have been circulating for over a year. SpywareRemove.com malware researchers note that Windows Attacks Defender is identical in all major respects to previous examples of its kin, such as Windows Attacks Defender’s features include an automatic start up routine that changes the Registry to allow Windows Attacks Defender to be launched with Windows, although extra security measures, such as booting to Safe Mode, should be able to disable Windows Attacks Defender.

While Windows Attacks Defender’s foremost purpose is to make you spend money to register its software, Windows Attacks Defender supports its requests for registration with a well-chosen arsenal of fake security threats and genuine security attacks, such as:
  • Fake warning messages that may display in various settings and formats, including toolbar notifications and web browser alerts.
  • Imitations of system scans that, of course, always return extremely negative (and unlikely) results.
  • Web browser attacks that redirect your browser away from security-oriented sites or towards Windows Attacks Defender’s home site.
  • However, SpywareRemove.com malware experts consider Windows Attacks Defender’s most trouble attacks to be its attempts to block unrelated programs, especially Task Manager (which Windows Attacks Defender may replace with its own worthless utility).
    Download SpyHunter Spyware Scanner
    This may make it difficult to delete Windows Attacks Defender appropriately without disabling Windows Attacks Defender first.

Since fake messages from Windows Attacks Defender can use many formats, the following examples have been provided for referential purposes:

Security Center Alert
To help protect your computer, Security Center has blocked some features of this program.
Name: Win64.BIT.Looker.exe
Risk: High

ERROR MESSAGE:
Warning
Warning! Virus detected
Threat Detected: Trojan-Spy.HTML.Sunfraud.a

Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Error
Attempt to run a potentially dangerous script detected.
Full system is highly recommended.

Warning! Identity theft attempt detected
Hidden connection IP: 128.154.26.11
Target: Microsoft Corporation keys

System warning
No real-time malware, spyware and virus protection was found. Click here to activate.

Warning! Virus Detected
Threat detected: FTP Server
Infected file: C:\Windows\System32\dllcache\wmpshell.dll

Putting Up a Defense That Windows Attacks Defender Can’t Shatter


If you do see the obvious symptoms of a Windows Attacks Defender infection on your PC, SpywareRemove.com malware analysts have recommended the following steps to prevent Windows Attacks Defender from attacking your PC further and removing Windows Attacks Defender as fast and carefully as possible. They also stress that purchasing Windows Attacks Defender is never necessary or even wise, since Windows Attacks Defender lacks any sort of legitimate security-related features and isn’t significantly easier to remove in its purchased format as opposed to its faux trial version.
  • Boot Windows via Safe Mode or a USB device, either of which should disable Windows Attacks Defender’s start up entries. Alternately, if available, you may use a separate operating system on the same computer.
  • If necessary, download or update your anti-malware software, since Windows Attacks Defender may include alterations that make it more difficult to detect than other members of the Rogue.VirusDoctor family.
  • Scan your PC as thoroughly as possible to delete Windows Attacks Defender and related PC threats that may also have come aboard with Windows Attacks Defender’s installation. Even though Windows Attacks Defender may provide its own removal utility, SpywareRemove.com malware experts stress that you should never trust a removal tool that’s provided by a PC threat like Windows Attacks Defender.


Windows Attacks Defender Automatic Detection Tool (Recommended)


Is your PC infected with Windows Attacks Defender? To safely & quickly detect Windows Attacks Defender, we highly recommend you run the malware scanner listed below.



Visual & GUI Characteristics


Windows Attacks Defender Screenshot 2Windows Attacks Defender Screenshot 3Windows Attacks Defender Screenshot 4Windows Attacks Defender Screenshot 5Windows Attacks Defender Screenshot 6Windows Attacks Defender Screenshot 7Windows Attacks Defender Screenshot 8Windows Attacks Defender Screenshot 9Windows Attacks Defender Screenshot 10

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 %APPDATA%\ Protector-myq.exe 593
    2 Windows Attacks Defender.lnk 379
    3 %AppData%\Protector-oak.exe N/A
    4 %AppData%\NPSWF32.dll N/A
    5 %CommonPrograms%\Windows Attacks Defender.lnk N/A
    6 %DesktopDir%\Windows Attacks Defender.lnk N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run!Inspector
Posted: March 2, 2012 | By
Share:
Follow Me on Pinterest More More
Threat Level: 10/10
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Rate this article:
Detection Count: 26

Leave a Reply

What is 9 + 3 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)