Windows Attacks Preventor

Windows Attacks Preventor Description



Windows Attacks Preventor Screenshot 1Windows Attacks Preventor may have mastered the outer looks of an anti-malware scanner, but with regards to its actual features, Windows Attacks Preventor is no better than a Trojan or virus, and alerts and scan results from Windows Attacks Preventor are always inaccurate.
Download SpyHunter Spyware Scanner
Since Windows Attacks Preventor doesn’t have any real security features, Windows Attacks Preventor creates fake threat information to persuade you to spend money in a fraudulent registration process – a process that SpywareRemove.com malware researchers discourage in favor of deleting Windows Attacks Preventor with a system scan from legitimate anti-malware software. As a rogue anti-virus scanner with plenty of tricks up its sleeve, Windows Attacks Preventor may also be a source of web-browsing redirect attacks or malfunctions in your security software until Windows Attacks Preventor is completely removed.

Windows Attacks Preventor: A Fraud That’s Newly Stamped Out from an Oft-Used Mold


Windows Attacks Preventor markets itself as an independent and reputable product that can guard your PC against phishing attacks and other PC threats, but SpywareRemove.com malware analysts have lined Windows Attacks Preventor up as just another clone from the WinWeb Security family of fake anti-virus scanners. As if its misspelled name weren’t enough, Windows Attacks Preventor is visually identical to well-known PC threats like Live Security Platinum, Total Security 2009, AVASoft Antivirus Professional, Security Shield 2012, Security Monitor 2012, Live Essential Platinum, Security Scanner 2012, Security Tool, Total Security, System Security, Advanced PC Shield 2012, Personal Shield Pro, Winweb Security, System Adware Scanner 2010, System Care Antivirus, Security Sphere 2012, Windows Ultra-Antivirus, Security Shield, Smart Fortress 2012, Advanced Security Tool 2010, Disk Antivirus Professional, Security Shield/Scanner, System Security 2012, Microsoft Antivirus 2013, MS Removal Tool, Windows Secure Kit 2011, System Progressive Protection, Smart Protection 2012 and System Tool 2011. Infection vectors such as Trojan droppers that are capable of installing Windows Attacks Preventor may also install related PC threats from the same family, and you should scan your entire computer while removing Windows Attacks Preventor to make sure that fresh attacks from the same sources will not reoccur.

Many of Windows Attacks Preventor’s fake alerts and other pop-ups are also borrowed from previous members of its family, and, as such, are completely ignorable as sources of information on PC threats or other issues that may be troubling your computer. Since Windows Attacks Preventor is unable to detect legitimate problems with your PC, viruses and other threats that Windows Attacks Preventor digs up are all illusionary issues that Windows Attacks Preventor creates to deceive you with messages like the following:

Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Security Center Alert
To help protect your computer, Security Center has blocked some features of this program.
Name: Win64.BIT.Looker.exe
Risk: High

System warning
No real-time malware, spyware and virus protection was found. Click here to activate.

Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Error
Attempt to run a potentially dangerous script detected.
Full system is highly recommended.

Warning! Virus Detected
Threat detected: FTP Server
Infected file: C:\Windows\System32\dllcache\wmpshell.dll

Overcoming Windows Attacks Preventor’s Passive-Aggressive ‘Security’


Because Windows Attacks Preventor will launch itself automatically and avoid being closed or removed by normal methods, you’ll also be under attack by other Windows Attacks Preventor-related functions besides its pop-ups and system scans – without any obvious way to turn them off. SpywareRemove.com malware research team recommends that you combat the symptoms noted below by booting from a USB device or switching to Safe Mode (to suggest two common methods of disabling Windows Attacks Preventor) before you remove Windows Attacks Preventor with an appropriate anti-malware program.

Other symptoms that can be a result of a Windows Attacks Preventor infection include:
  • Browser redirect attacks. Redirects may display fake warning screens, block your ability to access certain websites, change your search results or redirect you to Windows Attacks Preventor’s own site.
  • Problems accessing Windows utilities such as the Registry Editor or Task Manager that are replaced by fake Windows Attacks Preventor features.
  • Problems accessing other programs, which Windows Attacks Preventor may block under the pretense that they’re infected.


Windows Attacks Preventor Automatic Detection Tool (Recommended)


Is your PC infected with Windows Attacks Preventor? To safely & quickly detect Windows Attacks Preventor, we highly recommend you run the malware scanner listed below.



Visual & GUI Characteristics


Windows Attacks Preventor Screenshot 2Windows Attacks Preventor Screenshot 3Windows Attacks Preventor Screenshot 4Windows Attacks Preventor Screenshot 5Windows Attacks Preventor Screenshot 6Windows Attacks Preventor Screenshot 7Windows Attacks Preventor Screenshot 8Windows Attacks Preventor Screenshot 9Windows Attacks Preventor Screenshot 10Windows Attacks Preventor Screenshot 11

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 Windows Attacks Preventor.lnk 372
    2 %APPDATA%\ Protector-grd.exe 131
    3 %CommonStartMenu%\Programs\Windows Attacks Preventor.lnk N/A
    4 %Desktop%\Windows Attacks Preventor.lnk N/A
    5 %AppData%\result.db N/A
    6 %AppData%\NPSWF32.dll N/A
    7 %AppData%\Protector-.exe N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = 2012-3-1_2HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "fneqtdmtpi"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashCnsnt.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avxmonitor9x.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mmod.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\oasrv.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\symtray.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\windows Police Pro.exe

Additional Information

  • The following messages's were detected:
    # Message
    1Error Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan.
    2Error Software without a digital signature detected. Your system files are at risk. We strongly advise you to activate your protection.
    3Warning! Virus Detected Threat detected: FTP Server Infected file: C:\Windows\System32\dllcache\wmpshell.dll
Posted: March 2, 2012 | By
Share:
Follow Me on Pinterest More More
Threat Level: 10/10
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Rate this article:
Detection Count: 23

One Comment

  • Carl says:
    May 31, 2012 at 5:47 pm

    1) dunno2) get antivirus sorfwate. Good one. Like avira, kaspersky, ect.3) get good AV sorfwate4) All you needed was cheap antivirus sorfwate that will protect you from other crap aswellAVS doesnt always do the trick but 95% of the time it will.

Leave a Reply

What is 12 + 10 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)