Windows Daily Advisor

Windows Daily Advisor is a new variant of Win32/FakeVimes-based scamware that has been identified as being in active distribution as of early May 2012. Windows Daily Advisor appears to be an anti-virus and security program but doesn’t have any of the numerous features that it promotes. SpywareRemove.com malware experts suggest that you remove Windows Daily Advisor with a reliable anti-malware scanner once you notice Windows Daily Advisor’s pop-ups or other symptoms of its presence on your PC. However, since Windows Daily Advisor, like other modern variants of , can act to block your security applications, you may also need to deactivate Windows Daily Advisor’s startup method via one of several options before you can access suitable software for Windows Daily Advisor’s safe removal.

Finding the Flaws in Windows Daily Advisor’s Little Pearls of PC Security Wisdom

Windows Daily Advisor includes the Advanced Process Control feature, anti-phishing feature, system scanner and other aspects of modern FakeVimes-based rogue anti-virus programs, including the ability to display pop-ups about numerous types of PC threats. However, SpywareRemove.com malware analysts have espied a significant difference between Windows Daily Advisor’s security diagnostics and analyses from genuine anti-malware products: the fact that Windows Daily Advisor only provides warnings about infections and attacks that aren’t actually taking place. This is standard for its family of fake anti-virus scanners, which are also capable of capable of providing system toolbar pop-ups and system scans, in addition to fake pop-ups.

While Windows Daily Advisor attempts to distract you with this fake security info, your PC will also be under attack by the other side effects of a Windows Daily Advisor infection, which are typically attributed to nonexistent keyloggers, trojans, viruses and even rootkits. Although Windows Daily Advisor recommends that you spend money on a registration key for itself so that it can remove these problems, SpywareRemove.com malware experts note that there’s no reason to do this, since Windows Daily Advisor is, by itself, likely to be the cause of all your troubles and can be removed without purchasing it. Nonetheless, faking Windows Daily Advisor’s registration with the code ’0W000-000B0-00T00-E0020′ can be useful for reducing its attacks to a more easily-manageable state than their default levels.

Why Windows Daily Advisor Has Real Attacks to Back Up Its Mirage of PC Security

Windows Daily Advisor most identifiable attributes may be related to its fake promises of security and anti-virus functions, but its deadliest functions are related to directly lowering the state of your computer’s safety. SpywareRemove.com malware analysts have found that the following security issues are common for both Windows Daily Advisor specifically and for other recent members of Win32/FakeVim such as :

• Disabled access to the UAC, which blocks unusual system changes that occur without the user’s authorization.
• Browser redirect attacks, particularly with respect to online searches and search engine usage.
• Blocked security and anti-malware programs, including Windows tools such as the thoroughly-used Task Manager. Since this attack, in particular, can make it difficult to delete Windows Daily Advisor appropriately, SpywareRemove.com malware research team encourages you to use some means of launching Windows without Windows Daily Advisor being active (such as by booting your OS from a removable hard drive) to renew access to any necessary software.

Windows Daily Advisor Automatic Detection Tool (Recommended)

Visual & GUI Characteristics

Technical Details

Registry Modifications

• The following newly produced Registry Values are:
  HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\InspectorHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\UID [rnd]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXEHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0

Home Malware ProgramsRogue Anti-Spyware Programs Windows Daily Advisor