Windows Internet Booster

Windows Internet Booster Description

Windows Internet Booster Screenshot 1Windows Internet Booster is a new variant of Win32/FakeVimes, a category of fake anti-virus and general security products. Other than a new name that (inaccurately) implies that its features branch out into network optimization, Windows Internet Booster doesn’t show any distinguishing characters from its ancestors and includes the usual assortment of fraudulent security pop-ups, bad system scans, browser hijacks and unwarranted software-blocking attacks. Although Windows Internet Booster keeps up a careful presentation of looking like a security-oriented program, keeping Windows Internet Booster on your PC can only cause harm due to the various security-debilitating attacks that are all typical to similar types of FakeVimes-based scamware. As such, malware analysts suggest Windows Internet Booster’s immediate deletion by way of an appropriate anti-malware scanner.

Windows Internet Booster – a New Name for the Same Scamware Fresh Off the Assembly Line

Because Windows Internet Booster copies its interface and code wholesale from previous versions of rogue anti-virus scanners of the FakeVimes family, Windows Internet Booster can effectively be considered a clone or copy of such PC threats as Windows Web Watchdog, Windows Internet Guard, Windows Be-on-Guard Edition, Windows Antivirus Patch, Windows Secure Surfer, Windows Prime Accelerator, Windows Proprietary Advisor, Windows Expert Series, Windows Activity Booster, Windows Warding System, PrivacyGuard PRO, Windows Smart Warden, System Protection Tools, Live PC Care, Windows Antivirus Release, Security Antivirus, System Smart Security, Windows Pro Safety, Windows Security Booster, Windows Prime Booster, Windows Antibreaking System, Windows Telemetry Center, Windows Antivirus Tool, Windows Processes Accelerator, Windows AntiHazard Center, Windows Guard Tools, Windows Advanced Security Center, Windows Protection Booster, PC Live Guard, Windows Instant Scanner, Windows Antivirus Rampart, Windows PC Aid, Internet Security Essentials, Windows Safety Toolkit, Windows Security Renewal, Windows Privacy Counsel, Windows Privacy Extension, Windows Abnormality Checker, Windows Guardian Angel, Windows Interactive Security, Windows Custom Management, Smart Anti-Malware Protection, Windows Custom Safety, Windows ProSecure Scanner, Windows No-Risk Center, Additional Guard and Windows Virtual Angel. These modern variants of Win32/FakeVimes can all be identified by their Windows Security Center-esque appearances, their fake anti-phishing features and their forcible substitute for Windows Task Manager – a ‘feature’ that’s called Advanced Process Control.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

However, malware researchers also warn that Windows Internet Booster can take action against other programs besides Task Manager, and may block the Registry Editor or various anti-virus products.

Windows Internet Booster will claim that these applications are being blocked due to various infections or other forms of damage, but Windows Internet Booster, as scamware, doesn’t have any ability to detect real PC threats, including trojans, viruses, keyloggers or other types of high-level security hazards. While Windows Internet Booster will attempt to persuade you to spend money on a purchasable registration key, malware researchers note that there never is any good justification for sending money to the criminals behind Windows Internet Booster – particularly when appropriate anti-malware programs can remove Windows Internet Booster easily enough.

Saving Your PC from Windows Internet Booster’s Phony Booster Shots

As a fake anti-virus program, Windows Internet Booster, unfortunately, gives its victims more to worry about than just software inaccessibility and fake system alerts. Because Windows Internet Booster will launch itself with Windows to conduct the following attacks, malware experts suggest that you use any a Safe Mode boot or remote hard drive-based boot to stop the symptoms noted below before they can even start:
  • Online search redirects to unusual or potentially harmful websites.
  • Disabled UAC features that block potentially-harmful system changes.
  • Disabled protection from files with invalid signatures – a common trait for fraudulent PC threats that install themselves by pretending to be legitimate products.

Windows Internet Booster can also be ‘registered’ for free with the code ‘0W000-000B0-00T00-E0020,’ which can provide some minor assistance with making it easy to delete Windows Internet Booster.

Windows Internet Booster Automatic Detection Tool (Recommended)

Is your PC infected with Windows Internet Booster? To safely & quickly detect Windows Internet Booster we highly recommend you run the malware scanner listed below.

Visual & GUI Characteristics

Windows Internet Booster Screenshot 2Windows Internet Booster Screenshot 3Windows Internet Booster Screenshot 4Windows Internet Booster Screenshot 5Windows Internet Booster Screenshot 6Windows Internet Booster Screenshot 7Windows Internet Booster Screenshot 8Windows Internet Booster Screenshot 9Windows Internet Booster Screenshot 10Windows Internet Booster Screenshot 11Windows Internet Booster Screenshot 12Windows Internet Booster Screenshot 13

Visual & GUI Characteristics

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 %APPDATA%\ Protector-bahj.exe 7
    2 %AppData%\NPSWF32.dll N/A
    3 %AppData%\Protector-[RANDOM].exe N/A
    4 %AppData%\result.db N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\InspectorHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\net [Date of Installation]HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\UID [RANDOM]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXEHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
Posted: May 5, 2012 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 10/10
Detection Count: 30

One Comment

Leave a Reply

What is 6 + 10 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)