Windows Internet Booster

Windows Internet Booster Description

Windows Internet Booster Screenshot 1Windows Internet Booster is a new variant of Win32/FakeVimes, a category of fake anti-virus and general security products. Other than a new name that (inaccurately) implies that its features branch out into network optimization, Windows Internet Booster doesn’t show any distinguishing characters from its ancestors and includes the usual assortment of fraudulent security pop-ups, bad system scans, browser hijacks and unwarranted software-blocking attacks. Although Windows Internet Booster keeps up a careful presentation of looking like a security-oriented program, keeping Windows Internet Booster on your PC can only cause harm due to the various security-debilitating attacks that are all typical to similar types of FakeVimes-based scamware. As such, malware analysts suggest Windows Internet Booster’s immediate deletion by way of an appropriate anti-malware scanner.

Windows Internet Booster – a New Name for the Same Scamware Fresh Off the Assembly Line

Because Windows Internet Booster copies its interface and code wholesale from previous versions of rogue anti-virus scanners of the FakeVimes family, Windows Internet Booster can effectively be considered a clone or copy of such PC threats as My Security Engine, Windows Antivirus Release, Windows Software Keeper, Windows Secure Workshop, Windows Guardian Angel, Windows ProSecurity Scanner, Windows Antivirus Care, Windows Process Director, Windows Proactive Safety, Windows Control Series, Windows Safety Wizard, Windows No-Risk Agent, Windows Component Protector, Windows Crucial Scanner, Windows Security Renewal, Extra Antivirus, Windows Expert Series, Windows PC Aid, Windows Anti-Malware Patch, Windows Shielding Utility, Windows Telemetry Center, Windows Antibreach Tool, Live Enterprise Suite, Windows Security Booster, Windows Antivirus Master, Windows Privacy Extension, Windows Pro Safety, Smart Internet Protection 2011, Windows Daily Advisor, Windows Daily Adviser, My Security Shield, Smart Internet Protection 2012, Windows Safety Module, PC Live Guard, Windows Advanced User Patch, Windows Antibreach Module, System Protection Tools, Windows Efficiency Kit, Windows Antivirus Helper, Windows Efficiency Reservoir, Windows Antivirus Adviser, Windows Problems Stopper, Windows Secure Web Patch, Smart Virus Eliminator, Windows Activity Booster, Smart Security, Windows Pro Safety Release, Windows Protection Tool and My Security Wall. These modern variants of Win32/FakeVimes can all be identified by their Windows Security Center-esque appearances, their fake anti-phishing features and their forcible substitute for Windows Task Manager – a ‘feature’ that’s called Advanced Process Control.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

However, malware researchers also warn that Windows Internet Booster can take action against other programs besides Task Manager, and may block the Registry Editor or various anti-virus products.

Windows Internet Booster will claim that these applications are being blocked due to various infections or other forms of damage, but Windows Internet Booster, as scamware, doesn’t have any ability to detect real PC threats, including trojans, viruses, keyloggers or other types of high-level security hazards. While Windows Internet Booster will attempt to persuade you to spend money on a purchasable registration key, malware researchers note that there never is any good justification for sending money to the criminals behind Windows Internet Booster – particularly when appropriate anti-malware programs can remove Windows Internet Booster easily enough.

Saving Your PC from Windows Internet Booster’s Phony Booster Shots

As a fake anti-virus program, Windows Internet Booster, unfortunately, gives its victims more to worry about than just software inaccessibility and fake system alerts. Because Windows Internet Booster will launch itself with Windows to conduct the following attacks, malware experts suggest that you use any a Safe Mode boot or remote hard drive-based boot to stop the symptoms noted below before they can even start:
  • Online search redirects to unusual or potentially harmful websites.
  • Disabled UAC features that block potentially-harmful system changes.
  • Disabled protection from files with invalid signatures – a common trait for fraudulent PC threats that install themselves by pretending to be legitimate products.

Windows Internet Booster can also be ‘registered’ for free with the code ‘0W000-000B0-00T00-E0020,’ which can provide some minor assistance with making it easy to delete Windows Internet Booster.

Windows Internet Booster Automatic Detection Tool (Recommended)

Is your PC infected with Windows Internet Booster? To safely & quickly detect Windows Internet Booster we highly recommend you run the malware scanner listed below.

Visual & GUI Characteristics

Windows Internet Booster Screenshot 2Windows Internet Booster Screenshot 3Windows Internet Booster Screenshot 4Windows Internet Booster Screenshot 5Windows Internet Booster Screenshot 6Windows Internet Booster Screenshot 7Windows Internet Booster Screenshot 8Windows Internet Booster Screenshot 9Windows Internet Booster Screenshot 10Windows Internet Booster Screenshot 11Windows Internet Booster Screenshot 12Windows Internet Booster Screenshot 13

Visual & GUI Characteristics

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 %APPDATA%\ Protector-bahj.exe 7
    2 %AppData%\NPSWF32.dll N/A
    3 %AppData%\Protector-[RANDOM].exe N/A
    4 %AppData%\result.db N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\InspectorHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\net [Date of Installation]HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\UID [RANDOM]HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXEHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
Posted: May 5, 2012 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 10/10
Detection Count: 30

One Comment

Leave a Reply

What is 14 + 7 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)