Windows Warding System
Posted: April 2, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
Threat Level: | 2/10 |
---|---|
Infected PCs: | 12 |
First Seen: | April 2, 2012 |
---|---|
OS(es) Affected: | Windows |
Despite its marketing and presentation that implies that Windows Warding System is capable of protecting your PC from viruses and other PC threats, Windows Warding System shouldn't be relied on to ward off any type of hostile software. As a designated member of FakeVimes and a rogue anti-virus program, Windows Warding System should be considered a danger to your computer that's fully capable of hijacking your web browser, blocking other applications and providing fake system information in the form of inaccurate threat alerts. SpywareRemove.com malware researchers suggest disabling Windows Warding System by any one of several methods for this purpose before you try to remove Windows Warding System from your PC, since Windows Warding System will cause system changes that should be undone by the very same anti-malware programs that Windows Warding System is likely to block.
How Windows Warding System Uses a Sham of Security to Keep Your Real Security at Bay
Windows Warding System presents itself as an anti-virus scanner with a vast set of features, including protection from phishing attacks, memory-monitoring and other useful utilities, but, unfortunately, for Windows Warding System's victims, these features are completely fake. SpywareRemove.com malware research team places especial focus on the necessity of identifying Windows Warding System's fake warning pop-ups, which will mislead you with inaccurate system information that could lead you to harm your PC.
Windows Warding System will have ample opportunity to display these pop-ups on any PC that Windows Warding System infects due to the addition of Registry entries that allow Windows Warding System to start up whenever Windows starts. However, there are several ways to bypass this, any of which SpywareRemove.com malware researchers recommend before you try to delete Windows Warding System from your hard drive. Common methods for disabling Windows Warding System's startup functions include:
- Booting your PC from a removable hard drive (such as a USB drive).
- Booting your PC in Safe Mode.
- Switching to a pre-installed secondary operating system. Notably, Windows Warding System is unable to function in non-Windows environments, although any uninfected OS, including other versions of Windows, can be used to access your anti-malware software and remove Windows Warding System.
Working Around the Top-Shelf Dangers in Windows Warding System's Armory
Windows Warding System's chief danger lies in its ability to convince unwary victims that they should purchase a registration key for its fraudulent software. While SpywareRemove.com malware analysts never recommend buying Windows Warding System, you can still feel free to use the code '0W000-000B0-00T00-E0020' to fake its registration, which can simplify the removal process. In addition to its fake security features and registration badgering, Windows Warding System can also:
- Block applications, including security and system diagnostic programs like Task Manager or anti-malware scanners.
- Force your web browser to load harmful websites or censor its ability to display safe sites (especially sites that contain PC security information).
Some well-known PC threats that SpywareRemove.com malware researchers have associated with Windows Warding System include other fake AV scanners from the Win32/FakeVimes family, such as Privacy Guard Pro, PrivacyGuard Pro 2.0, Extra Antivirus, Fast Antivirus 2009, Presto TuneUp, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, Live PC Care, PC Live Guard, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus and Smart Security.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%DesktopDir%\Windows Warding System.lnk
File name: %DesktopDir%\Windows Warding System.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%CommonPrograms%\Windows Warding System.lnk
File name: %CommonPrograms%\Windows Warding System.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%AppData%\npswf32.dll
File name: %AppData%\npswf32.dllFile type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
%AppData%\Inspector-[RANDOM CHARACTERS].exe
File name: %AppData%\Inspector-[RANDOM CHARACTERS].exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
Registry Modifications
HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.