Windows Pro Rescuer
Windows Pro Rescuer Description
Windows Pro Rescuer is a new member of the Win32/FakeVimes subcategory of rogue anti-virus scanners. After Windows Pro Rescuer is installed, system scans, pop-up warnings and other forms of fake security information will try to mislead you into purchasing Windows Pro Rescuer’s ‘full’ version to defend your computer against a growing host of PC threats, including both malicious software and live attacks. However, SpywareRemove.com malware researchers consider this a poor choice of a security solution, since Windows Pro Rescuer, itself, isn’t able to detect any type of PC threat and may even attack your real security software to prevent you from using it. Since Windows Pro Rescuer doesn’t have any of its marketed features and is as damaging to your PC as any worm or virus, disabling and then deleting Windows Pro Rescuer with a genuine anti-malware product is the best way to protect your machine.
Windows Pro Rescuer: Sweeping in to Save the Day from Imaginary Perils
Windows Pro Rescuer, unlike a real anti-virus scanner, doesn’t even try to detect genuine dangers to your PC, and has no ability to ward off any type of security risk or hostile software. Instead, Windows Pro Rescuer provides fake information that’s crammed full of misleading and outright false information about your computer. For example, SpywareRemove.com malware analysts have found cases of Windows Pro Rescuer and related fake AV programs alerting victims about non-existent PC threats, as in the example below:
ERROR MESSAGE:
Warning
Warning! Virus detected
Threat Detected: Trojan-Spy.HTML.Sunfraud.a
Other attacks may imply that imaginary attacks are targeting your PC or are using your PC’s resources for their own sinister purposes:
Security Center
Unauthorized remote connection!
Your system is making an unauthorized personal data transfer to a remote computer!
Warning! Unauthorized personal data transfer is detected! It may be your personal credit card details, logins and passwords, browsing habits or information about files you have downloaded.
To protect your private data, please click ‘Prevent Connection’ button below.
This bad security information supplements Windows Pro Rescuer’s fake system scans and other fraudulent security features, which ultimately don’t serve any purpose except to encourage you to pay for Windows Pro Rescuer’s registration key.
Dispelling the Last of Windows Pro Rescuer’s Doubts with Real Security Software
SpywareRemove.com malware researchers have also perceived, with some amusement, the inclusion of a warning about programs with invalid signatures in Windows Pro Rescuer’s roster of fake threats – an ironic warning message, since Windows Pro Rescuer can actually disable your operating system’s defenses against invalid file signatures. However, this attack and the other fake security issues mentioned earlier aren’t the limit to Windows Pro Rescuer’s arsenal, which can also include:
- Search engine hijacks.
- Blocking your security programs (as well as some types of competing scamware).
- Disabling baseline security features for Windows.
These attacks are common to FakeVimes-based PC threats like Windows Pro Rescuer, and may force you to disable Windows Pro Rescuer by one of several methods before you can delete Windows Pro Rescuer once and for all. However, SpywareRemove.com malware experts emphasize the ability of competent anti-malware applications to remove Windows Pro Rescuer safely, since Windows Pro Rescuer’s family of fake AV products has been in circulation with only minor changes for years. Among the FakeVimes family members are Windows Antivirus Release, Virus Doctor, Windows Profound Security, Windows Interactive Safety, XP Smart Security, Windows Security System, My Security Engine, Extra Antivirus, Windows Private Shield, Windows Antivirus Rampart, Windows Ultimate Safeguard, My Security Wall, Anti-Malware Lab, Windows Performance Catalyst, Windows Safety Manager, Windows Maintenance Guard, Internet Security Suite, Windows Firewall Constructor, Windows Problems Stopper, Windows Antivirus Patch, Windows Expert Series, Windows Web Commander, Windows Performance Adviser, Windows Proprietary Advisor, PC Live Guard, Best Malware Protection, Windows Stability Guard, Windows Virtual Security, Windows Secure Web Patch, Windows Trouble Taker, Windows Enterprise Defender, Windows Custodian Utility, Windows Shield Tool, Windows Safeguard Upgrade, Keep Center Keeper, Fast Antivirus 2009, Windows Protection Maintenance, Smart Anti-Malware Protection, Windows Safety Maintenance, Live Enterprise Suite, Windows Defending Center, Windows Proactive Safety, Windows Turnkey Console, Windows Secure Workshop, Windows Defence Counsel, Windows Secure Workstation, Windows Safety Series, Windows First-Class Protector, Smart Virus Eliminator, Smart Internet Protection 2011, Windows Smart Warden, Windows Protection Unit, Security Antivirus, Windows Activity Debugger, Windows Privacy Module, Windows Home Patron, Windows Security Suite, Windows Safety Wizard, Antivirus Smart Protection, Windows No-Risk Agent, Best Antivirus Software, Windows Debug Center, Windows Personal Doctor, Windows AntiHazard Helper, Windows Antivirus Care, Windows Efficiency Accelerator, Windows Premium Defender, Volcano Security Suite, Windows Be-on-Guard Edition, Windows Pro Web Helper, Windows Functionality Checker, Windows Advanced User Patch, Windows Web Combat, Windows Malware Sleuth, Windows No-Risk Center, Personal Security Sentinel, Windows Antivirus Machine, Windows Protection Master, Windows Safety Toolkit, Windows Advanced Toolkit, Windows Managing System, Windows Pro Solutions, Windows Pro Safety Release, Windows Virtual Angel, Windows Security Renewal, Windows Daily Adviser, Windows Premium Console, PrivacyGuard PRO, Smart Engine, Windows PRO Scanner, Windows Sleek Performance, Windows High-End Protection, Windows Custom Safety, Windows Privacy Extension, Smart Security, Windows Virus Hunter, Strong Malware Defender, Home Malware Cleaner, Windows Warding System, Windows Active Guard, My Security Shield, Windows Basic Antivirus, Windows ProSecure Scanner, Personal Internet Security 2011, Windows Premium Guard, Windows Enterprise Suite, Windows Pro Safety, Enterprise Suite, Windows Multi Control System, CleanUp Antivirus, Windows Abnormality Checker, Windows Pro Defence, Windows Smart Partner, Windows Safety Checkpoint, Windows Advanced Security Center, System Protection Tools, Windows Instant Scanner, Total Anti Malware Protection, Windows Secure Surfer, Windows Tools Patch, Windows Risk Minimizer, Windows Health Keeper, Windows AntiHazard Center, Windows Custom Management, Additional Guard, Home Safety Essentials, Windows Virtual Firewall, Windows Threats Destroyer, Windows Process Director, Windows Software Saver, Windows Guard Solutions, Windows Internet Booster, Windows Guard Tools, Security Master AV, Windows Care Taker, Windows Safety Module, Windows ProSecurity Scanner, Windows Maintenance Suite, Windows Interactive Security, Internet Security Essentials, Smart Internet Protection 2012, VirusSecurity, Windows Software Keeper, Windows Shielding Utility, Windows PC Aid, Windows Control Series, Windows System Defender, Windows Anti-Malware Patch, Windows Ultimate Security Patch, Windows Active Defender, Windows Guardian Angel, Windows Privacy Counsel, Live PC Care, Windows Telemetry Center, Windows Antihazard Solution, Windows Crucial Scanner and Activate Ultimate Protection.
Windows Pro Rescuer Automatic Detection Tool (Recommended)
Is your PC infected with Windows Pro Rescuer? To safely & quickly detect Windows Pro Rescuer, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Windows Pro Rescuer
What happens if Windows Pro Rescuer does not let you open SpyHunter or blocks the Internet?
Visual & GUI Characteristics
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 Windows Pro Rescuer.lnk 155 2 %LOCALAPPDATA%\ Protector-wnj.exe 110 3 %APPDATA%\ Protector-vcwk.exe 73 4 Inspector-[RANDOM].exe N/A 5 Protector-[RANDOM].exe N/A
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
Additional Information
- The following messages's were detected:
# Message 1 Error
Attempt to modify Registry key entries detected.
Registry entry analysis recommended.2 Warning
Firewall has blocked a program from accessing the Internet
C:\program files\internet explorer\iexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.3 Warning! Spambot detected!
Attention! A spambot sending viruses from your e-mail has been detected on your PC.4 Error Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan. 5 Error Software without a digital signature detected. Your system files are at risk. We strongly advise you to activate your protection.
Posted: April 23, 2012 | By SpywareRemove
MoreThreat Level: 10/10
(1 votes, average: 5.00 out of 5)
Loading ...Rate this article:
Detection Count: 28
