Windows Protection Unit

Windows Protection Unit Description

In keeping with its predecessors, Windows Protection Unit will display the same fake alerts, inaccurate scans and other types of fraudulent security information to make it appear as though your PC is under attack by countless threats. Since Windows Protection Unit isn’t able to detect or remove any type of genuine PC threat that could endanger your computer, SpywareRemove.com malware researchers discourage any interaction with Windows Protection Unit other than faking its registration (if necessary) and removing Windows Protection Unit with a real anti-malware application. As a rogue anti-virus product, Windows Protection Unit’s sole goal is to steal money and related information in its fraudulent registration process, and purchasing Windows Protection Unit or taking its recommendations to heart is never an action that’s in your best interests. Windows Protection Unit is a rubber-stamped clone of other scamware programs from FakeVimes, such as Windows Virtual Firewall, Volcano Security Suite, Windows Custom Safety, Windows Profound Security, Windows Smart Warden, Windows No-Risk Center, Windows Antivirus Patch, Windows Control Series, Windows Security System, Windows Performance Catalyst, System Protection Tools, Windows Safety Wizard, Windows Secure Web Patch, Windows Shielding Utility, Windows Pro Safety, Windows Defence Counsel, Windows Antivirus Machine, Windows Antivirus Care, Security Master AV, Windows Expert Series, Windows Ultimate Safeguard, CleanUp Antivirus, Windows Safety Toolkit, Windows Premium Defender, Smart Engine, My Security Wall, Windows ProSecure Scanner, Windows Maintenance Guard, Windows Health Keeper, Windows ProSecurity Scanner, Windows Virus Hunter, Windows Pro Defence, Best Antivirus Software, Additional Guard, Windows Efficiency Accelerator, Windows Premium Console, Windows Web Combat, Keep Center Keeper, Windows Firewall Constructor, Windows Custodian Utility, Windows Debug Center, Windows Protection Maintenance, Smart Anti-Malware Protection, Windows Web Commander, Smart Virus Eliminator, Windows Advanced User Patch, Windows Advanced Security Center, Windows Smart Partner, Windows Malware Sleuth, Windows Be-on-Guard Edition, Smart Internet Protection 2011, Windows Threats Destroyer, Windows No-Risk Agent, Windows Antihazard Solution, Windows System Defender, Windows Privacy Counsel, Windows Proactive Safety, Windows Virtual Security, Windows Shield Tool, Windows Personal Doctor, Windows Activity Debugger, Windows First-Class Protector, Windows Privacy Module, Windows Secure Workshop, Personal Internet Security 2011, Windows Active Defender, Windows Defending Center, Windows High-End Protection, Windows Virtual Angel, Smart Security, Windows AntiHazard Center, Windows Crucial Scanner, Windows Security Renewal, Smart Internet Protection 2012, Windows Enterprise Suite, Windows Protection Master, Windows Managing System, Windows Private Shield, Windows Advanced Toolkit, Anti-Malware Lab, Windows Functionality Checker, Home Malware Cleaner, Windows Custom Management, Windows Multi Control System, Live PC Care, Windows Process Director, Windows Anti-Malware Patch, Antivirus Smart Protection, Windows Tools Patch, Windows Antivirus Rampart, Windows Instant Scanner, My Security Shield, Internet Security Essentials, Windows Daily Adviser, Windows Interactive Safety, Windows Guard Solutions, Windows Internet Booster, Windows Proprietary Advisor, PC Live Guard, Best Malware Protection, Windows Turnkey Console, Windows Ultimate Security Patch, Windows Maintenance Suite, Windows Safety Manager, PrivacyGuard PRO, Windows Risk Minimizer, Personal Security Sentinel, VirusSecurity, Strong Malware Defender, Windows Basic Antivirus, Windows Problems Stopper, Windows Safety Maintenance, Extra Antivirus, Security Antivirus, Windows Stability Guard, Windows Software Saver, Windows Telemetry Center, Windows Enterprise Defender, Windows Home Patron, Windows Antivirus Release, Windows Safety Series, Windows Pro Safety Release, My Security Engine, Windows Software Keeper, Windows Safety Module, Windows PC Aid, Windows Warding System, Windows Sleek Performance, Windows Safeguard Upgrade, Windows Secure Workstation, Home Safety Essentials, Windows Interactive Security, Windows Guardian Angel, XP Smart Security, Internet Security Suite, Windows Care Taker, Total Anti Malware Protection, Windows Abnormality Checker, Windows AntiHazard Helper, Windows Safety Checkpoint, Windows PRO Scanner, Fast Antivirus 2009, Windows Pro Rescuer, Windows Secure Surfer, Windows Privacy Extension, Virus Doctor, Windows Performance Adviser, Windows Premium Guard, Activate Ultimate Protection, Windows Active Guard, Windows Pro Solutions, Enterprise Suite, Windows Trouble Taker, Live Enterprise Suite, Windows Security Suite, Windows Pro Web Helper and Windows Guard Tools.

Windows Protection Unit – a Fake AV Program That You’ll Want Your Own Protection Against

Windows Protection Unit may look like an anti-virus program with more security features than the popular brands are willing to offer, but this generosity comes easy to Windows Protection Unit, since it doesn’t bother to back its features up with the functionality that they’d require. Windows Protection Unit’s Advanced Process Control is just a roundabout way of preventing you from using the Windows Task Manager normally, and that’s just a prelude to other security-hampering attacks by Windows Protection Unit that SpywareRemove.com malware researchers have found worthy of mention:

Windows Protection Unit is capable of modifying your Hosts file to redirect your web browser to undesirable sites.

Similar attacks may also hijack your search results or prevent you from loading beneficial websites (such as sites for PC security companies).
Task Manager, competing rogue security programs and various types of legitimate security software can be disabled by Windows Protection Unit. SpywareRemove.com malware researchers suggest that you try to launch Windows without Windows Protection Unit also launching to be able to access all of your anti-malware software and remove Windows Protection Unit in an appropriate manner. Safe Mode and booting from a remote or removable drive can be used to prevent Windows Protection Unit from launching.
Windows Protection Unit may also change your system settings to permit you to download files with invalid signatures (a telltale sign of a file being malicious) without triggering any warnings from Windows.
User Account Control (abbreviated as UAC), a Windows security feature that prevents unwanted system changes, may also be disabled.

Detecting and Dealing with a Windows Protection Unit Infestation

Pop-ups from Windows Protection Unit can be identified by their alarmist and fraudulent contents, which will contain warnings about fake attacks or the presence of nonexistent types of hostile software on your computer. SpywareRemove.com malware experts heartily endorse completely ignoring warning messages, which are common to the Win32/FakeVimes family.

As a security risk, Windows Protection Unit should be removed with anti-malware software that can scan your PC. Because normal methods of deletion won’t remove the Hosts file changes and other traits of a Windows Protection Unit infection, SpywareRemove.com malware researchers discourage unassisted attempts to delete Windows Protection Unit if other options are available. Windows Protection Unit can also be registered with the registration code ’0W000-000B0-00T00-E0020′, which can simplify the process of deleting Windows Protection Unit properly.

Windows Protection Unit Automatic Detection Tool (Recommended)

Is your PC infected with Windows Protection Unit? To safely & quickly detect Windows Protection Unit, we highly recommend you run the malware scanner listed below.

Download SpyHunter's* Malware Scanner to detect Windows Protection Unit What happens if Windows Protection Unit does not let you open SpyHunter or blocks the Internet?

Visual & GUI Characteristics

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

#	File Name	Detection Count
1	Windows Protection Unit.lnk	117
2	%APPDATA%\ Protector-sak.exe	21
3	%APPDATA%\ Protector-uidg.exe	12
4	%AppData%\Protector-[RANDOM CHARACTERS].exe	N/A
5	%Desktop%\ Windows Protection Unit.lnk	N/A
6	%CommonStartMenu%\Programs\ Windows Protection Unit.lnk	N/A
7	%AppData%\result.db	N/A
8	%AppData%\NPSWF32.dll	N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.

The following newly produced Registry Values are:
HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-4-7_2"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "ahwohainwk"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRunDll.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidef.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\inetlnfo.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscn95.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds-3.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupdate.exe

Additional Information

The following messages's were detected:

#	Message
1	Error Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan.
2	Error Software without a digital signature detected. Your system files are at risk. We strongly advise you to activate your protection.
3	Warning Firewall has blocked a program from accessing the Internet. Windows Media Player Resources C:\Windows\system32\dllcache\wmploc.dll C:\Windows\system32\dllcache\wmploc.dll is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.