Windows High-End Protection Description
Windows High-End Protection Does Not Offer Any Protection for Your Computer System
Windows High-End Protection is a bogus anti-virus program that is part of a recognized online scam. Basically, Windows High-End Protection pretends to be a legitimate security application despite not having any anti-virus or anti-malware capabilities. The main goal of the Windows High-End Protection scam is to convince computer users to purchase useless, fake security programs. These kinds of malware infections as known as rogue anti-virus or rogue anti-malware programs. Windows High-End Protection belongs to a common family of rogue security programs known as Rogue:Win32/FakeVimes.
FakeVimes bogus security programs have been active for several years. ESG malware analysts have been tracking the activities of fake security software in the FakeVimes family since 2009. Because of this, dealing with a Windows High-End Protection infection is not particularly difficult for most security programs. However, Windows High-End Protection belongs to a group of FakeVimes anti-viruses released in 2012 that often include an associated rootkit that is installed along with the rogue security program. The presence of this rootkit component, often some version of the ZeroAccess rootkit, greatly complicates removal of Windows High-End Protection and its clones. There are numerous malicious programs like Windows High-End Protection, including such rogue anti-virus applications as Windows Pro Rescuer, Windows Recovery Series and Windows Safety Checkpoint.
Do Not Become a Victim of the Windows High-End Protection Scam!
Malware like Windows High-End Protection is often known as scareware because of its main tactic: scaring its victims. Windows High-End Protection is designed to display numerous error messages and bogus security warnings in order to make its victims panic, scaring them into believing that their computer system has been attacked by several viruses and Trojans. Then, Windows High-End Protection will offer to fix these nonexistent problems provided that the victim is willing to spend money on a “full version” of Windows High-End Protection. Of course, since Windows High-End Protection has no real anti-virus capabilities, paying for its “full version” is not a good idea.
You can trick Windows High-End Protection into thinking that you have paid for its “full version” by entering the registration code the 0W000-000B0-00T00-E0020. ESG malware analysts have identified this registration code as an effective way to stop Windows High-End Protection from displaying its alarming error messages. However, this registration code will not remove Windows High-End Protection from your computer system. To remove Windows High-End Protection completely, it is recommended to use a reliable, fully up to date anti-malware application.
Type: Rogue AntiSpyware Programs
How Can You Detect Windows High-End Protection?
Download SpyHunter’s Detection Scanner
to Detect Windows High-End Protection.
‘How Windows High-End Protection Infects Your Computer’ Video
Windows High-End Protection Removal Details
Windows High-End Protection has typically the following processes in memory:
- %AppData%\Protector-[RANDOM CHARACTERS].exe
Windows High-End Protection creates the following files in the system:
Windows High-End Protection creates the following registry entries:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Inspector %AppData%\Protector-[RANDOM CHARACTERS].exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\UID [RANDOM CHARACTERS]
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger