Windows Antivirus Machine is a variant that are released by FakeVimes family. This rogue anti-spyware is harmful and deceptive like its other member in his family. But unlike regular antivirus, Windows Antivirus Machine just pretends to be real anti-spyware software, but it really cannot provide any real security services. Once this rogue program installs into your computer system, it starts to displays misleading pop-ups and falsified system scanners. This is the most common strategy of most rogue anti-spywares would do. This fake virus also displays lots of alerts and warning saying that your computer with great risk. In fact, these alerts and warnings are fake, your computer has not those threats, computer users should not be afraid. The virus just wants to cheat computer users into scam for earning your money. The most important thing computer victim should do is removing this malicious virus and fixing your computer. This rogue program is promoted in two ways. The first way is using fake online antivirus scanners to state that your computer is infected and then prompt you to download a file that will install the infection. The second is that it attempts to exploit defects in programs that you are running on your computer to install the infection without your permission. To get rid of such threat, this rogue program will persuade you buy its security tool and claim that it is the only tool can handle such threat. In fact, it is a scam and there is no real security service.
Some false message like:
Warning! Virus Detected
Threat Detected: Trojan-Downloader.Win32.Agent
Infected File: regedit.exe
Description: Programs classified as Trojan download and install new versions of malicious programs, including Trojans and AdWare, on victim computers.
Please click “remove All” button to erase all infected files and protect your PC
Firewall has blocked a program from accessing the Internet
C:\program files\internet explorer\iexpolre.exe
C:\program files\internet explorer\iexpolre.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Please click “Prevent attack” button to prevent all attacks and protect your PC
Once this nasty rogue malware installed into your computer system, it will start to run automatically when computer victim starts computer Windows. Then this virus will display numerous fake scan and then stating there are numerous unsafe infections in your computer. The virus will use tactics to convince victim to buy its antivirus program. If you attempt to use the program to remove these infections, you will be definitely cheated. This is a scam as the scan results are all false. In fact, there are no any infected files exist on your computer. Therefore, please just ignore the scan results and do not buy anything this virus provided. This rogue malware will also hijack many applications of the infected computer. It will terminate your executable when you run it; it also will hijack the Windows Task Manager and Registry editor so that you could not open these programs normally and instead of the rogue’s control screen. These infections will take full control of your computer and cause many problem.
Windows Antivirus Machine changes Internet Explorer proxy settings to use a malicious proxy server that will not allow you download or update security software. So, you should complete this step to fix this problem.
Step 1: Run internet Explorer, click Tools,
Step 2:Select Connections Tab and click to Lan Settings button.
Step 3: Press CTRL+ALT+DEL or CTRL+SHIFT+ESC. Open the Windows Task Manager.
Within the Windows Task Manager click on the Processes tab. Find the associated processes. Select it with your mouse or keyboard and click on the End Process button. This will kill the process.
%AppData%\Protector-[random 3 characters].exe
%AppData%\Protector-[random 4 characters].exe
Step 4: Delete malicious registry entries.
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
Windows Antivirus Machine virus Removal Guide is As Similar As Windows Maintenance Guard virus.
To sum up: From the above passage, you can realize Windows Antivirus Machine infection is turning to be a dangerous rogue program. The main threat of this malware is that it pretends to be a security tool to cheat you into purchasing its false product. This rogue program cannot be completely removed by antivirus. It is also bundled with numerous virus and malware. It is designed to escape the antivirus software which this virus creates many files and hide them under system folders. The rogue program can disable your antivirus and your other applications. Therefore, it is important to remove it immediately before it makes you lose money and makes your computer crash. If you encounter difficulties to handle this virus according to above passage, your computer may be infected with its variant of this virus. Manual removal is a hard work with great risk. You need to remove all the virus infected files and registry entries manually. If you have not sufficient expertise in dealing with program files,.dll files and registry entries, it may lead to mistake damaging your system. If you have some problem dealing with this Trojan virus manually, you are welcome to contact with YooCare 24/7 Online Expert anytime you are available. YooCare will help you with any kind of PC problem.
Note: If you found that it is difficult to follow the removal guide above, please contact with YooCare PC experts 24/7 online , YooCare experts will help you remove Windows Antivirus Machine Virus from your computer completely.
Published by David MicKinney on August 2, 2012 | Fake Antivirus Removal Tips