Windows Telemetry Center

Windows Telemetry Center Description

Windows Telemetry Center is a fake anti-malware scanner that includes inaccurate warnings about the presence of high-level PC threats that actually aren’t on your computer. Windows Telemetry Center’s appearance may look professional and appear to be that of normal security software, but SpywareRemove.com malware researchers have observed that Windows Telemetry Center is, in both looks and functions, a clone of similar examples of scamware from the FakeVimes family. Since Windows Telemetry Center may also block unrelated applications under false premises of them being infected or damaged, you should consider Windows Telemetry Center to be no better than a Trojan or virus itself and remove Windows Telemetry Center by using your pick of real anti-malware software.

Windows Telemetry Center – a Foothold of Fraud on Your PC

Although Windows Telemetry Center’s name, marketing and supposed update features all imply that Windows Telemetry Center is a legitimate anti-malware program that uses regularly updated threat definitions to detect and uproot malicious software, SpywareRemove.com malware analysts note contrarily that Windows Telemetry Center actually is a fairly self-contained application. Windows Telemetry Center doesn’t have a genuine database of definitions for PC threats, nor does Windows Telemetry Center truly attempt to detect viruses, Trojans or other types of harmful software during its scans. Instead, scans and a variety of pop-up alerts are created automatically with randomly-generated warnings to create the illusion that your PC is always under the looming shadow of multiple infections.

Alerts from Windows Telemetry Center can take a wide range of seemingly-official formats, as noted in the samples below:

Warning! Database update failed!
Database update failed!
Outdated viruses databases are not effective and can’t [sic] guarantee adequate protection and security for your PC!
Click here to get the full version of the product and update the database!

Warning! Running trial version!
The security of your computer has been compromised!
Now running trial version of the software!
Click here to purchase the full version of the software and get full protection for your PC!

System Security Warning
Attempt to modify register key entries is detected.

Register entries analysis is recommended.

Warning!
Name: [Application file name]
Name: [Application file path]
Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.

Warning!
Location: [Application file path]
Viruses: Backdoor.Win32.Rbot

Spending money on Windows Telemetry Center is unnecessary to bring a halt to its machinations, and SpywareRemove.com malware analysts generally discourage it, since Windows Telemetry Center not only wastes money on a fraudulent program, but may give criminals access to your financial information for future attacks. Any sign of Windows Telemetry Center’s presence in your PC should be reacted to via anti-malware scans from appropriate software that can remove both Windows Telemetry Center and any other PC threats that may be related to its presence.

Breaking Down the Windows Telemetry Center Blockade

Windows Telemetry Center and similar members of its family are also capable of shutting down unrelated applications without your permission (including Windows First-Class Protector, Windows Protection Master, Windows Guard Solutions, Windows AntiHazard Center, Windows Daily Adviser, Windows PRO Scanner, Windows Abnormality Checker, Windows ProSecure Scanner, Internet Security Suite, Windows Software Saver, Windows Virtual Angel, Windows Security Suite, Windows Custom Management, Windows Trouble Taker, Windows Multi Control System, My Security Engine, Home Malware Cleaner, Windows Firewall Constructor, Windows Custom Safety, Windows Warding System, Windows Activity Debugger, Windows Advanced Toolkit, Windows Web Commander, Windows Security System, Security Master AV, Windows Protection Unit, Windows Guard Tools, Windows Antivirus Rampart, Windows Internet Booster, Windows Pro Safety, Windows Antivirus Patch, Windows High-End Protection, Windows Web Combat, Enterprise Suite, Windows Advanced User Patch, Windows Sleek Performance, Windows Privacy Counsel, Windows Safety Maintenance, Windows No-Risk Agent, Windows Stability Guard, Windows Interactive Security, Windows Safeguard Upgrade, Windows Proactive Safety, Windows Control Series, Windows Security Renewal, Windows Ultimate Security Patch, Windows Active Defender, Windows Virtual Security, Windows Virus Hunter, Windows Tools Patch, Windows Privacy Extension, Windows Secure Workstation, Windows Enterprise Suite, Fast Antivirus 2009, Windows Ultimate Safeguard, Windows Performance Adviser, VirusSecurity, Antivirus Smart Protection, Windows Antivirus Release, Windows Efficiency Accelerator, Windows System Defender, Windows Crucial Scanner, Windows Smart Warden, Best Antivirus Software, System Protection Tools, Windows Safety Wizard, Volcano Security Suite, My Security Shield, Windows Smart Partner, Windows Pro Defence, Windows Safety Toolkit, Windows Expert Series, Windows Anti-Malware Patch, Windows Secure Surfer, Windows Pro Safety Release, Internet Security Essentials, Strong Malware Defender, Windows Shield Tool, Windows Antivirus Care, Security Antivirus, Windows Managing System, Windows Health Keeper, Windows Premium Defender, Windows Turnkey Console, Smart Anti-Malware Protection, Windows Software Keeper, Windows Protection Maintenance, Windows Shielding Utility, Keep Center Keeper, Windows Custodian Utility, Windows Defence Counsel, Smart Virus Eliminator, Windows Care Taker, Windows Antihazard Solution, Windows Debug Center, Activate Ultimate Protection, CleanUp Antivirus, XP Smart Security, Windows Antivirus Machine, Windows Premium Guard, Windows Virtual Firewall, Windows Functionality Checker, Windows Safety Manager, PrivacyGuard PRO, Windows Maintenance Suite, Windows Risk Minimizer, Additional Guard, Windows Private Shield, Windows PC Aid, My Security Wall, Windows Be-on-Guard Edition, Windows Secure Web Patch, Home Safety Essentials, Windows Interactive Safety, Anti-Malware Lab, Windows Personal Doctor, Windows Problems Stopper, PC Live Guard, Windows Secure Workshop, Live PC Care, Windows Home Patron, Windows Active Guard, Windows ProSecurity Scanner, Smart Security, Personal Internet Security 2011, Smart Engine, Windows Guardian Angel, Windows Basic Antivirus, Personal Security Sentinel, Virus Doctor, Windows No-Risk Center, Windows Maintenance Guard, Windows Enterprise Defender, Smart Internet Protection 2012, Windows Premium Console, Windows Process Director, Windows Privacy Module, Total Anti Malware Protection, Windows Pro Rescuer, Windows Pro Web Helper, Windows Safety Series, Live Enterprise Suite, Windows Defending Center, Windows Proprietary Advisor, Windows Profound Security, Windows AntiHazard Helper, Windows Advanced Security Center, Best Malware Protection, Windows Performance Catalyst, Windows Safety Module, Extra Antivirus, Windows Pro Solutions, Windows Threats Destroyer, Windows Malware Sleuth, Windows Instant Scanner, Smart Internet Protection 2011 and Windows Safety Checkpoint. Since Windows Telemetry Center launches itself automatically during Windows’ startup process and can constantly scan your computer’s memory for processes to shut down, this may interfere with your usage of a broad swathe of different programs. Instant messengers, script packages, Google and Adobe-brand products and even the Registry Editor are all likely to be blocked by Windows Telemetry Center.

However, booting your PC into Safe Mode with Networking, switching to a separate OS or booting Windows from a removable device will allow you to scan your computer without Windows Telemetry Center being launched. SpywareRemove.com malware researchers recommend that you use such techniques during scans whenever possible even if Windows Telemetry Center allows you to open your anti-malware software, since doing so will insure that other PC threats will not remain active to interfere with the deletion of Windows Telemetry Center.

Windows Telemetry Center Automatic Detection Tool (Recommended)

Is your PC infected with Windows Telemetry Center? To safely & quickly detect Windows Telemetry Center, we highly recommend you run the malware scanner listed below.

Download SpyHunter's* Malware Scanner to detect Windows Telemetry Center What happens if Windows Telemetry Center does not let you open SpyHunter or blocks the Internet?

Visual & GUI Characteristics

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:

#	File Name	Detection Count
1	%APPDATA%\ Protector-guq.exe	87
2	%AppData%\result.db	N/A
3	%AppData%\npswf32.dll	N/A
4	%AppData%\Inspector-[3 RANDOM CHARACTERS].exe	N/A
5	%DesktopDir%\Windows Telemetry Center.lnk	N/A
6	%StartMenu%\Programs\Windows Telemetry Center.lnk	N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.

The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe

Additional Information

The following messages's were detected:

#	Message
1	Error Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan.
2	Error Software without a digital signature detected. Your system files are at risk. We strongly advise you to activate your protection.
3	Warning Firewall has blocked a program from accessing the Internet. Windows Media Player Resources C:\Windows\system32\dllcache\wmploc.dll C:\Windows\system32\dllcache\wmploc.dll is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.