Home Malware Programs Rogue Anti-Spyware Programs Windows Vulnerabilities Rescuer

Windows Vulnerabilities Rescuer

Posted: July 1, 2011

ScreenshotWindows Vulnerabilities Rescuer is a variant of rogue security programs like Windows Necessary Firewall and Windows Inviolability System. Windows Vulnerabilities Rescuer and similar rogue threats reuse a similar interface that looks like security software, complete with the Windows logo. However, Windows Vulnerabilities Rescuer has no actual security functions and will try to attack your PC with false positives, browser hijacks and by disallowing the use of real security programs. Quickly removing Windows Vulnerabilities Rescuer is critical for securing your computer's good health, but this process can be done by an anti-malware application if such software is available.

Why You Should Rescue Your PC from Windows Vulnerabilities Rescuer

The basic interface for Windows Vulnerabilities Rescuer pretends to monitor multiple types of PC security, including network security, hard disk optimization, private data protection and media components. The only results of Windows Vulnerabilities Rescuer's monitoring are prefabricated scores that are designed to make it look like your PC is extremely insecure or damaged.

Windows Vulnerabilities Rescuer will add weight to these claims by faking threat detections with messages like the following:

Warning!
Location: [application file path]
Viruses: Backdoor.Win32.Rbot

Warning!
Name: [application file name]
Name: [application file path]
Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.

Warning! Database update failed!
Database update failed!
Outdated viruses databases are not effective and can't [sic] guarantee adequate protection and security for your PC!
Click here to get the full version of the product and update the database!

System component corrupted!
System reboot error has occurred due to lsass.exe system process failure.
This may be caused by severe malware infections.
Automatic restore of lsass.exe backup copy completed.
The correct system performance can not be resumed without eliminating the cause of lsass.exe corruption.

Warning! Running trial version!
The security of your computer has been compromised!
Now running trial version of the software!
Click here to purchase the full version of the software and get full protection for your PC!

In reality, these vulnerabilities and threats don't exist, and every bit of information that Windows Vulnerabilities Rescuer provides is false. The intent of the criminals in charge of this scam is to make you purchase Windows Vulnerabilities Rescuer to cause these problems to stop, but this is a complete waste of your money and should be avoided at all costs.

Working Around Windows Vulnerabilities Rescuer's Security-Hampering Restrictions

Windows Vulnerabilities Rescuer has far worse attacks in store for your PC, however, which makes it important that you remove Windows Vulnerabilities Rescuer as soon as possible:

  • Windows Vulnerabilities Rescuer can launch itself without your consent, most typically, whenever Windows starts. Even if you try to close Windows Vulnerabilities Rescuer it may remain open in memory.
  • Windows Vulnerabilities Rescuer may also use Trojans to shut down various programs, including Task Manager and anti-virus scanners. This not only prevents you from removing Windows Vulnerabilities Rescuer from your PC, but may also allow other threats to attack your computer and do significant damage.
  • The latter is a particular concern for any Windows Vulnerabilities Rescuer infection because most rogue threats like Windows Vulnerabilities Rescuer are installed by preexisting Trojan horses. The Fake Microsoft Security Essentials Alert Trojan has been known to specialize in installing Windows Vulnerabilities Rescuer and similar PC threats like Windows Proofness Guarantor, Windows AV Component, Windows Antivirus System and Windows 7 Recovery.
  • Even your web browser isn't safe from Windows Vulnerabilities Rescuer's attacks, which may hijack Internet Explorer, Chrome, Firefox and other popular web browser applications. Hijack symptoms can include an unfamiliar homepage, pop-ups, fake error screens that block website access, links inserted into text content or changed search results. Beware any attempts by Windows Vulnerabilities Rescuer to force you to the Windows Vulnerabilities Rescuer homepage, since being exposed to the Windows Vulnerabilities Rescuer website may result in other attacks.

Removing Windows Vulnerabilities Rescuer should use the help of a good anti-virus program, since Windows Vulnerabilities Rescuer is as stated earlier, almost certain to come with Trojans and other threats. Safe Mode may allow you to prevent Windows Vulnerabilities Rescuer from starting which will make the Windows Vulnerabilities Rescuer deletion process a simpler task.


ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %Program Files%\Windows Vulnerabilities Rescuer\Windows Vulnerabilities Rescuer.exe
    2 %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Vulnerabilities Rescuer.lnk
    3 %UserProfile%\Desktop\Windows Vulnerabilities Rescuer.lnk
    4 %UserProfile%\Start Menu\Windows Vulnerabilities Rescuer\Help.lnk
    5 %UserProfile%\Start Menu\Windows Vulnerabilities Rescuer\Registration.lnk
    6 %UserProfile%\Start Menu\Windows Vulnerabilities Rescuer\Windows Vulnerabilities Rescuer.lnk

Registry Modifications

  • The following newly produced Registry Values are:
    HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\13376694984709702142491016734454HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “13376694984709702142491016734454?

Additional Information on Windows Vulnerabilities Rescuer

  • The following messages's were detected:
    # Message
    1 Warning!
    Name: [application file name]
    Name: [application file path]
    Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.
    2 System Security Warning
    Attempt to modify register key entries is detected. Register entries analysis is recommended.
    3 Warning!
    Location: [application file path]
    Viruses: Backdoor.Win32.Rbot
    4 System component corrupted!
    System reboot error has occurred due to lsass.exe system process failure.
    This may be caused by severe malware infections.
    Automatic restore of lsass.exe backup copy completed.
    The correct system performance can not be resumed without eliminating the cause of lsass.exe corruption.
    5 Warning! Database update failed!
    Database update failed!
    Outdated viruses databases are not effective and can't [sic] guarantee adequate protection and security for your PC!
    Click here to get the full version of the product and update the database!
    6 Warning! Running trial version!
    The security of your computer has been compromised!
    Now running trial version of the software!
    Click here to purchase the full version of the software and get full protection for your PC!

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to Windows Vulnerabilities Rescuer may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria .

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.