Windows Internet Booster Description
Windows Internet Booster is not an application involved in increasing your Internet speed or helping your computer in any way. In fact, Windows Internet Booster is actually a malware program that is disguised as an anti-malware application. Fake security programs like Windows Internet Booster are known as rogue security applications (often just ‘rogueware’ for short). These kinds of malware applications are used as part of a well-known online scam that involves tricking computer users into thinking that their computer system is in severe problems. Then, by taking advantage of this panic, criminals will attempt to convince the victim to purchase a ‘full version’ of the rogue security program.
Rogue anti-malware programs are among the most common online scams. Because of this, there are thousands of versions of these kinds of malware programs, ranging from the relatively benign (those that simply imitate a fake security program without going any further) to those that involve a severe intrusion into your computer system. Unfortunately, Windows Internet Booster belongs to this second kind of malware program. A Windows Internet Booster infection will often include the presence of numerous Trojans and some kind of rootkit component on the victim’s computer system. Windows Internet Booster will use intrusive tactics in order to take over the victim’s computer system so that it can cause alarming security alerts, browser redirects, system crashes, and various other symptoms.
Windows Internet Booster Belongs to a Large Family of Malware
ESG team of PC security researchers has detected dozens of different versions of Windows Internet Booster. All of these belongs to a family of malware known as Rogue:FakeVimes. Examples of other malware in this family of scamware include such fake security programs as Windows Processes Accelerator, Windows Pro Web Helper, Windows Daily Advisor and Windows Trojans Inspector. Malware in the FakeVimes family have been around since 2009 and are a well known threat to a computer’s security.
It seems that FakeVimes rogue security programs released in 2012 (including Windows Internet Booster) will include a version of the ZeroAccess rootkit as part of the infection. Because of this, removing them is no easy task, often requiring the help of a specialized anti-rootkit tool. The registration code 0W000-000B0-00T00-E0020 can aid in removing Windows Internet Booster by stopping some of its most annoying symptoms. However, removal of Windows Internet Booster with a reliable anti-virus program will still be necessary.
Type: Rogue AntiSpyware Programs
How Can You Detect Windows Internet Booster?
Download SpyHunter’s Detection Scanner
to Detect Windows Internet Booster.
‘How Windows Internet Booster Infects Your Computer’ Video
Windows Internet Booster Removal Details
Windows Internet Booster has typically the following processes in memory:
Windows Internet Booster creates the following files in the system:
Windows Internet Booster creates the following registry entries:
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\UID [RANDOM]
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorAdmin” = ‘0′
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\net [Date of Installation]
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\Inspector “%AppData%\Protector-[RANDOM].exe”
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “EnableLUA” = ‘0′
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4
- HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = ‘0′
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorUser” = ‘0′
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
- HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe