Home Malware Programs Rogue Anti-Spyware Programs Windows Warding System

Windows Warding System

Posted: April 2, 2012

Threat Metric

Threat Level: 2/10
Infected PCs: 12
First Seen: April 2, 2012
OS(es) Affected: Windows

Despite its marketing and presentation that implies that Windows Warding System is capable of protecting your PC from viruses and other PC threats, Windows Warding System shouldn't be relied on to ward off any type of hostile software. As a designated member of FakeVimes and a rogue anti-virus program, Windows Warding System should be considered a danger to your computer that's fully capable of hijacking your web browser, blocking other applications and providing fake system information in the form of inaccurate threat alerts. SpywareRemove.com malware researchers suggest disabling Windows Warding System by any one of several methods for this purpose before you try to remove Windows Warding System from your PC, since Windows Warding System will cause system changes that should be undone by the very same anti-malware programs that Windows Warding System is likely to block.

How Windows Warding System Uses a Sham of Security to Keep Your Real Security at Bay

Windows Warding System presents itself as an anti-virus scanner with a vast set of features, including protection from phishing attacks, memory-monitoring and other useful utilities, but, unfortunately, for Windows Warding System's victims, these features are completely fake. SpywareRemove.com malware research team places especial focus on the necessity of identifying Windows Warding System's fake warning pop-ups, which will mislead you with inaccurate system information that could lead you to harm your PC.

Windows Warding System will have ample opportunity to display these pop-ups on any PC that Windows Warding System infects due to the addition of Registry entries that allow Windows Warding System to start up whenever Windows starts. However, there are several ways to bypass this, any of which SpywareRemove.com malware researchers recommend before you try to delete Windows Warding System from your hard drive. Common methods for disabling Windows Warding System's startup functions include:

  • Booting your PC from a removable hard drive (such as a USB drive).
  • Booting your PC in Safe Mode.
  • Switching to a pre-installed secondary operating system. Notably, Windows Warding System is unable to function in non-Windows environments, although any uninfected OS, including other versions of Windows, can be used to access your anti-malware software and remove Windows Warding System.

Working Around the Top-Shelf Dangers in Windows Warding System's Armory

Windows Warding System's chief danger lies in its ability to convince unwary victims that they should purchase a registration key for its fraudulent software. While SpywareRemove.com malware analysts never recommend buying Windows Warding System, you can still feel free to use the code '0W000-000B0-00T00-E0020' to fake its registration, which can simplify the removal process. In addition to its fake security features and registration badgering, Windows Warding System can also:

  • Block applications, including security and system diagnostic programs like Task Manager or anti-malware scanners.
  • Force your web browser to load harmful websites or censor its ability to display safe sites (especially sites that contain PC security information).

Some well-known PC threats that SpywareRemove.com malware researchers have associated with Windows Warding System include other fake AV scanners from the Win32/FakeVimes family, such as Privacy Guard Pro, PrivacyGuard Pro 2.0, Extra Antivirus, Fast Antivirus 2009, Presto TuneUp, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, Live PC Care, PC Live Guard, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus and Smart Security.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%DesktopDir%\Windows Warding System.lnk File name: %DesktopDir%\Windows Warding System.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%CommonPrograms%\Windows Warding System.lnk File name: %CommonPrograms%\Windows Warding System.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%AppData%\npswf32.dll File name: %AppData%\npswf32.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
%AppData%\Inspector-[RANDOM CHARACTERS].exe File name: %AppData%\Inspector-[RANDOM CHARACTERS].exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

Registry Modifications

The following newly produced Registry Values are:

HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
Loading...