Windows Control Series

Windows Control Series Description

While Windows Control Series looks like an anti-malware product that could theoretically detect and remove all sorts of PC threats from phishing-based attacks to rootkits, SpywareRemove.com malware analysts have confirmed Windows Control Series’s membership in FakeVimes, making Windows Control Series no better than scamware. Like similar rogue anti-malware scanners, Windows Control Series isn’t able to offer legitimate security information and prefers to display alerts about PC threats, attacks and infections that actually aren’t on your computer in the first place. Given this, spending money on a registration key for Windows Control Series is strongly discouraged, despite Windows Control Series’s frequent requests for you to do exactly that as a way to save your PC from problems that don’t exist. As a member of a scamware family that’s known for causing security issues, including browser redirect attacks, Windows Control Series should be deleted as soon as you can gain access to a reputable anti-malware scanner that can perform the operation.

Windows Control Series: a Fraud in a Microsoft-Lookalike Suit

As is true for many other members of FakeVimes, Windows Control Series borrows the superficial looks of Windows Security Center to make itself look more trustworthy than Windows Control Series actually is. With only minor additions such as anti-phishing and memory-monitoring features, Windows Control Series comes off as an expansive security and anti-malware suite, but its threat-detection capabilities are entirely fraudulent. While Windows Control Series is active, Windows Control Series will display pop-up alerts, taskbar-based balloons and other security warnings about attacks against Windows components, identity theft and the presence of various types of harmful software, but these pop-ups should be disregarded as erroneous.

Likewise, Windows Control Series’s system scans may superficially look like real results, but have no ability to help your PC, since they’re designed to display Trojans and other infections without any attempt at accuracy. SpywareRemove.com malware experts have found that since Windows Control Series launches itself automatically, these symptoms will tend to display themselves regularly unless you make an explicit effort at blocking Windows Control Series.

Windows Control Series’s main intent is to steal money in its fake registration process, and although SpywareRemove.com malware experts warn against giving any financial information to Windows Control Series’s company, faking Windows Control Series’s registration can be helpful to ease its removal. Entering the code ’0W000-000B0-00T00-E0020′ can accomplish this for both Windows Control Series and other FakeVimes-based scamware, including Windows Malware Sleuth, Windows Crucial Scanner, Windows Premium Guard, Windows Safety Toolkit, Windows Performance Adviser, Windows Pro Solutions, Windows Guardian Angel, Windows Guard Solutions, Windows Basic Antivirus, Windows Turnkey Console, Live Enterprise Suite, Windows High-End Protection, Windows Antivirus Rampart, Windows PRO Scanner, Windows Expert Series, Windows Defending Center, Windows Antivirus Care, Best Antivirus Software, Windows ProSecurity Scanner, VirusSecurity, Windows Safety Checkpoint, Windows Internet Booster, Windows Warding System, Windows Proactive Safety, System Protection Tools, PrivacyGuard PRO, Windows Anti-Malware Patch, Internet Security Suite, Windows Pro Rescuer, Windows Shielding Utility, Windows Safeguard Upgrade, Windows Pro Web Helper, Windows Virtual Security, Windows Safety Manager, Keep Center Keeper, Windows Enterprise Suite, Home Safety Essentials, Windows Privacy Module, Windows Proprietary Advisor, Windows Instant Scanner, Windows Virtual Angel, Windows Safety Series, Windows Secure Surfer, Windows Software Saver, Windows Privacy Counsel, My Security Engine, Windows Secure Web Patch, Smart Virus Eliminator, Smart Security, Windows Safety Maintenance, Antivirus Smart Protection, Windows Risk Minimizer, Windows Secure Workshop, Windows Private Shield, My Security Wall, Windows Pro Defence, Windows Ultimate Safeguard, Windows Smart Warden, Windows Multi Control System, PC Live Guard, Windows Defence Counsel, Windows Custom Management, Windows Pro Safety Release, Windows Maintenance Guard, Windows Advanced Toolkit, Strong Malware Defender, Windows Threats Destroyer, Windows Process Director, Windows Performance Catalyst, Windows Antihazard Solution, Windows Virus Hunter, Windows Web Combat, Additional Guard, Windows Trouble Taker, Windows Efficiency Accelerator, Activate Ultimate Protection, Windows Managing System, Windows No-Risk Center, Windows AntiHazard Helper, Windows Safety Wizard, Windows Web Commander, Windows AntiHazard Center, Windows Secure Workstation, Windows Telemetry Center, Windows Firewall Constructor, Windows Active Guard, Windows Activity Debugger, Windows Abnormality Checker, Windows Virtual Firewall, Windows Interactive Safety, Virus Doctor, Windows Home Patron, Extra Antivirus, Windows Problems Stopper, Windows Custodian Utility, Windows Care Taker, My Security Shield, Windows No-Risk Agent, Volcano Security Suite, Security Antivirus, Windows Functionality Checker, Windows ProSecure Scanner, Windows Protection Master, Windows Safety Module, Windows System Defender, Windows Protection Unit, XP Smart Security, Windows Interactive Security, Windows Shield Tool, Windows Be-on-Guard Edition, Windows Security System, Windows Smart Partner, Windows Profound Security, Windows Security Renewal, Total Anti Malware Protection, Windows Advanced User Patch, Windows Active Defender, Security Master AV, Windows Maintenance Suite, Windows Security Suite, Windows Tools Patch, Windows Health Keeper, Windows Debug Center, Windows Sleek Performance, Live PC Care, Windows Premium Console, Anti-Malware Lab, Smart Internet Protection 2011, Windows Stability Guard, Windows Ultimate Security Patch, Windows Antivirus Release, Windows Privacy Extension, CleanUp Antivirus, Windows Antivirus Patch, Windows Premium Defender, Windows Antivirus Machine, Windows Guard Tools, Smart Engine, Windows Personal Doctor, Fast Antivirus 2009, Internet Security Essentials, Windows Software Keeper, Windows Daily Adviser, Smart Anti-Malware Protection, Windows First-Class Protector, Windows Advanced Security Center, Personal Security Sentinel, Windows Custom Safety, Windows Protection Maintenance, Smart Internet Protection 2012, Enterprise Suite, Personal Internet Security 2011, Best Malware Protection, Windows Enterprise Defender, Windows Pro Safety, Windows PC Aid and Home Malware Cleaner.

What to Do When Windows Control Series Takes Control of Your PC Away from You

The obvious symptoms of a Windows Control Series infection may include fake security functions, but Windows Control Series can also play party to more dangerous attacks than those previously listed. Some of the top security issues that SpywareRemove.com malware researchers have associated with Windows Control Series and its clones include, but aren’t limited to:

Browser redirects to sites that promote Windows Control Series, spam search engines that profit off of your unwilling traffic and fake error pages (the latter often being included to block you from visiting legitimate security sites).
Deleted Registry entries for legitimate programs, including firewall tools, anti-virus scanners and similar security-related applications. This will cause these programs to fail to function unless the relevant entries are restored or your programs are re-installed.
Programs may also be blocked by Windows Control Series from memory. Unlike the above attack, this form of block doesn’t damage Windows components or your application, although you may be unable to launch the program until you’ve shut Windows Control Series down.

Windows Control Series Automatic Detection Tool (Recommended)

Is your PC infected with Windows Control Series? To safely & quickly detect Windows Control Series, we highly recommend you run the malware scanner listed below.

Download SpyHunter's* Malware Scanner to detect Windows Control Series What happens if Windows Control Series does not let you open SpyHunter or blocks the Internet?

Visual & GUI Characteristics

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

#	File Name	Detection Count
1	Windows Control Series.lnk	621
2	%APPDATA%\ Protector-khea.exe	614
3	%AppData%\Protector-[RANDOM CHARACTERS].exe	N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.

The following newly produced Registry Values are:
HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Inspector = %AppData%\Protector-[RANDOM CHARACTERS].exeHKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\a.exe\Debugger = svchost.exeHKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aAvgApi.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\About.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ackwin32.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ad-Aware.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AdwarePrj.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agent.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentsvr.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\agentw.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alevir.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alogserv.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV.exe\"Debugger" = "svchost.exe"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AlphaAV\"Debugger" = "svchost.exe"

Additional Information

The following messages's were detected:

#	Message
1	Error Attempt to modify registry key entries detected. Registry entry analysis is recommended.
2	Error Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan.
3	Warning Firewall has blocked a program from accessing the Internet C:program filesinternet exploreriexplore.exe is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.