Windows Internet Booster

Windows Internet Booster Description

Windows Internet Booster Screenshot 1Windows Internet Booster is a new variant of Win32/FakeVimes, a category of fake anti-virus and general security products. Other than a new name that (inaccurately) implies that its features branch out into network optimization, Windows Internet Booster doesn’t show any distinguishing characters from its ancestors and includes the usual assortment of fraudulent security pop-ups, bad system scans, browser hijacks and unwarranted software-blocking attacks. Although Windows Internet Booster keeps up a careful presentation of looking like a security-oriented program, keeping Windows Internet Booster on your PC can only cause harm due to the various security-debilitating attacks that are all typical to similar types of FakeVimes-based scamware. As such, malware analysts suggest Windows Internet Booster’s immediate deletion by way of an appropriate anti-malware scanner.

Windows Internet Booster – a New Name for the Same Scamware Fresh Off the Assembly Line

Because Windows Internet Booster copies its interface and code wholesale from previous versions of rogue anti-virus scanners of the FakeVimes family, Windows Internet Booster can effectively be considered a clone or copy of such PC threats as Windows Antivirus Booster, Enterprise Suite, Windows Protection Unit, Windows AntiBreach Helper, Windows Secure Workstation, Windows Prime Accelerator, My Security Shield, Windows PRO Scanner, Windows Firewall Constructor, Virus Doctor, Windows Secure Surfer, Windows Custom Safety, Windows Antivirus Care, Windows Prime Booster, Windows Antibreach Module, Advanced Antispyware Solution, Windows Warding Module, Smart Anti-Malware Protection, Windows Personal Detective, Windows Efficiency Reservoir, Windows Trojans Inspector, Windows Virtual Angel, Personal Security Sentinel, Windows Functionality Checker, Windows Defence Master, System Smart Security, Windows Basic Antivirus, Windows Warding System, Windows Managing System, Windows Antibreaking System, Windows AntiBreach Suite, Windows Foolproof Protector, Windows Active HotSpot, Malware Protection, Windows Safety Maintenance, XP Smart Security, Windows Web Watchdog, Windows Premium Shield, Windows Virtual Firewall, Windows Advanced User Patch, Windows No-Risk Center, Windows Security Renewal, Windows Virus Hunter, Windows Active Guard, Windows Control Series, Windows Secure Workshop, Anti-Malware Lab and Windows Prime Shield. These modern variants of Win32/FakeVimes can all be identified by their Windows Security Center-esque appearances, their fake anti-phishing features and their forcible substitute for Windows Task Manager – a ‘feature’ that’s called Advanced Process Control.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

However, malware researchers also warn that Windows Internet Booster can take action against other programs besides Task Manager, and may block the Registry Editor or various anti-virus products.

Windows Internet Booster will claim that these applications are being blocked due to various infections or other forms of damage, but Windows Internet Booster, as scamware, doesn’t have any ability to detect real PC threats, including trojans, viruses, keyloggers or other types of high-level security hazards. While Windows Internet Booster will attempt to persuade you to spend money on a purchasable registration key, malware researchers note that there never is any good justification for sending money to the criminals behind Windows Internet Booster – particularly when appropriate anti-malware programs can remove Windows Internet Booster easily enough.

Saving Your PC from Windows Internet Booster’s Phony Booster Shots

As a fake anti-virus program, Windows Internet Booster, unfortunately, gives its victims more to worry about than just software inaccessibility and fake system alerts. Because Windows Internet Booster will launch itself with Windows to conduct the following attacks, malware experts suggest that you use any a Safe Mode boot or remote hard drive-based boot to stop the symptoms noted below before they can even start:
  • Online search redirects to unusual or potentially harmful websites.
  • Disabled UAC features that block potentially-harmful system changes.
  • Disabled protection from files with invalid signatures – a common trait for fraudulent PC threats that install themselves by pretending to be legitimate products.

Windows Internet Booster can also be ‘registered’ for free with the code ‘0W000-000B0-00T00-E0020,’ which can provide some minor assistance with making it easy to delete Windows Internet Booster.

Windows Internet Booster Automatic Detection Tool (Recommended)

Is your PC infected with Windows Internet Booster? To safely & quickly detect Windows Internet Booster we highly recommend you run the malware scanner listed below.

Visual & GUI Characteristics

Windows Internet Booster Screenshot 2Windows Internet Booster Screenshot 3Windows Internet Booster Screenshot 4Windows Internet Booster Screenshot 5Windows Internet Booster Screenshot 6Windows Internet Booster Screenshot 7Windows Internet Booster Screenshot 8Windows Internet Booster Screenshot 9Windows Internet Booster Screenshot 10Windows Internet Booster Screenshot 11Windows Internet Booster Screenshot 12Windows Internet Booster Screenshot 13

Visual & GUI Characteristics

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 %APPDATA%\ Protector-bahj.exe 7
    2 %AppData%\NPSWF32.dll N/A
    3 %AppData%\Protector-[RANDOM].exe N/A
    4 %AppData%\result.db N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\InspectorHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\net [Date of Installation]HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\UID [RANDOM]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXEHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
Posted: May 5, 2012 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 10/10
Detection Count: 30

One Comment

Leave a Reply

What is 9 + 3 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)