Windows Trouble Taker is a rogue anti-spyware program that pretends to scan your computer for malicious software and then states that your computer is badly infected and that you should remove found malware immediately. The truth is however, that this rogue anti-spyware program displays the same fake security alerts and reports the same infections on every infected computer. The rogue program then prompts you to pay for a full version of the program to remove viruses from your computer which don't even exist. Don't fall victim to to this scam and remove it from your computer as soon as possible. Please use Windows Trouble Taker removal instructions below. We strongly recommend you to use an automatic removal tool to remove Windows Trouble Taker but you can choose to remove the rogue manually as well.
While Windows Trouble Taker is running, it will display numerous fake security alerts about critical infections and serious security problems. It will also display fake notifications from your Windows taskbar saying that your PC is under attack from remote hackers' servers. However, the biggest problem is that it may actually bock legitimate antivirus and antispyware programs. Windows task manager and registry editor may be blocked too. In such case, you should restart your computer in safe mode with networking and download an automatic removal tool. What is more, the rogue program will display many fake security alerts. Some of the fake alerts read:
Recomended: Please use secure encrypted protocol for torrent links.
Torrent link detected!
Receiving this notification means that you have violated the copyright laws. Using Torrent for downloading movies and licensed software shall be prosecuted and you may be sued for cybercrime and breach of law under the SOPA legislation.
Please register your copy of the AV to activate anonymous data transfer protocol through the torrent link.
As you can see, Windows Trouble Taker is a scam that tries to make you buy the rogue program. If you find that your computer is infected then please follow Windows Trouble Taker removal instructions below to remove the rogue program and any related malware from your computer.
The latest parasite names used by FakeVimes:
Windows Trouble Taker manual removal:
Delete registry values:
HKEY_CURRENT_USER\SoftwareMicrosoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\SoftwareMicrosoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\SoftwareMicrosoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\SoftwareMicrosoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\SoftwareMicrosoft\Windows\CurrentVersion\Settings "net" = "2012-3-11_2?
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "origkboryd"
HKEY_LOCAL_MACHINE\SOFTWAREMicrosoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exe
HKEY_LOCAL_MACHINE\SOFTWAREMicrosoft\Windows NT\CurrentVersion\Image File Execution Options\bipcp.exe
HKEY_LOCAL_MACHINE\SOFTWAREMicrosoft\Windows NT\CurrentVersion\Image File Execution Options\ecengine.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\infwin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PavFnSvr.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sahagent.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\titaninxp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\wsbgate.exe
%CommonStartMenu%ProgramsWindows Trouble Taker.lnk
%Desktop%Windows Trouble Taker.lnk