Windows Protection Master runs every time you turn on your computer and blocks legit anti-virus programs. To cap it all, this pesky virus disables Task Manager, Registry Editor and some other very useful Windows system utilities. You can't really run any malware removal tools in Normal Mode because the virus will block them producing pop-up warnings "Application is infected", and promoting you to purchase the rogue program in order to remove non-existent infections. We have to admit that some of the fake security alerts and notifications are very creative.
Warning! Identity theft attempt detected. Someone is apparently gathering your bank account details which is impossible unless Windows Protection Master comes bundled with spyware and you've logged on to your bank's online banking system while your PC is infected. That would be a shame.
Error Keylogger activity detected. Once again, cyber crooks want to scare you into thinking that every key stroke you make is recorded.
Torrent Alert. Torrent link detected! Have you ever heard about SOPA? Get anonymous connection. That's right. They suggest you to act against the rules of SOPA. It goes without saying that legit anti-virus product wouldn't recommend such things.
As you can see, Windows Protection Master is truly rogue and useless anti-virus program. Having anti-virus protection and doing frequent scans for threats is a good idea. But not with this rogue security product. If you are one of those unlucky people who purchased Windows Protection Master, you should contact your credit card company immediately and dispute the charges. Then, please follow the removal instructions below to remove Windows Protection Master and associated malware from your computer. If you have any questions, please leave a comment. Good luck and be safe online!
Windows Protection Master removal instructions:
1. Reboot your computer is "Safe Mode with Networking". As the computer is booting tap the "F8 key" continuously which should bring up the "Windows Advanced Options Menu" as shown below. Use your arrow keys to move to "Safe Mode with Networking" and press Enter key.
NOTE: Login as the same user you were previously logged in with in the normal Windows mode.
2. Launch Internet Explorer. In Internet Explorer go to: Tools → Internet Options → Connections tab. Click Lan Settings button and uncheck the checkbox labeled Use a proxy server for your LAN. Click OK. You may have to repeat steps 1-2 if you will have problems downloading malware removal programs.
3. Download and run TDSSKiller. Wait for the scan and disinfection process to be over.
4. Download recommended anti-malware software (Spyware Doctor) and run a full system scan to remove Security Scanner from your computer.
5. To reset the Hosts file back to the default automatically, download and run Fix it and follow the steps in the Fix it wizard.
Associated Windows Protection Master files and registry values:
Files:
Windows XP:
- C:\Documents and Settings\[User Name]\Application Data\Inspector-[3 RANDOM CHARACTERS].exe
- C:\Documents and Settings\[User Name]\Application Data\NPSWF32.dll
- C:\Documents and Settings\[User Name]\Application Data\result.db
- C:\Documents and Settings\[User Name]\Desktop\Windows Protection Master.lnk
- C:\Users\[User Name]\AppData\Roaming\Inspector-[3 RANDOM CHARACTERS].exe
- C:\Users\[User Name]\AppData\Roaming\NPSWF32.dll
- C:\Users\[User Name]\AppData\Roaming\result.db
- C:\Users\[User Name]\Desktop\Windows Protection Master.lnk
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
No comments:
Post a Comment