Windows Attacks Preventor is a rogue antispyware program that claims that your computer is infected and displays bogus security threats to make you think you have some serious PC issues. The rogue program then asks you to purchase a full version of the fake malware removal tool to remove supposedly found system security threats. Do not purchase this program and uninstall Windows Attacks Preventor from your computer as soon as possible because it's a scam, not a real antivirus solution.
Usually, Windows Attacks Preventor is promoted through the use of Trojans, fake online anti-malware scanners and browser hijackers. It can come bundled with other malware as well. Trojans display fake security alerts from Windows Security Center or Task bar and suggest you to install Windows Attacks Preventor to remove non-existent viruses from your computer. Ignore such fake security alerts no matter what they tell you. Otherwise, you may infect your machine even more.
Once installed, Windows Attacks Preventor will start a fake system scan and report a variety of infections or security threats that can't be removed unless you purchase the rogue progra, Remember, scan results are false, you may easily ignore them. The only thing you should worry about is Windows Attacks Preventor itself. Furthermore, this parasite will constantly display fake security alerts stating that your computer is under attack. You will see fake security alerts with the following text:
Keylogger activity detected. System information security is at risk.
It is recommended to activate protection and run a full system scan.
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.
However, that's not all. Windows Attacks Preventor will also hijack your web browser and dramatically slow down your computer. It may block some Microsoft Windows tools and programs to protect itself from being deleted.
As you can see, Windows Attacks Preventor is a scam. If you have purchased this rogue program, please contact your credit card company immediately. Then use the removal guide below to remove this infection from the system. You should also scan your PC with reliable anti-spyware application to make sure that there are no other malware installed on your computer.
The latest parasite names used by FakeVimes:
Windows Attacks Preventor manual removal:
Delete registry values:
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionInternet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegedit" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableRegistryTools" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionPoliciesSystem "DisableTaskMgr" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "ID" = 0
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "net" = "2012-2-17_2"
HKEY_CURRENT_USERSoftwareMicrosoftWindowsCurrentVersionSettings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avp32.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Options_avpcc.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution OptionsashDisp.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsdivx.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsmostat.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionsplatin.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionstapinstall.exe
HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindows NTCurrentVersionImage File Execution Optionszapsetup3001.exe
%appdata%Inspector-[3 random characters].exe
%desktopdir%Windows Attacks Preventor.lnk
%StartMenu%ProgramsWindows Attacks Preventor.lnk