Threat Database Rogue Anti-Virus Program Windows Instant Scanner

Windows Instant Scanner

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 4
First Seen: June 12, 2012
Last Seen: January 8, 2020
OS(es) Affected: Windows

Windows Instant Scanner Image

Windows Instant Scanner is a bogus anti-malware scanner in the FakeVimes family of malware. Windows Instant Scanner is actually a kind of scamware infection, despite the fact that its interface and components appear very similar to those belonging to real security software. Known as rogue security programs, malware threats like Windows Instant Scanner carry out a common online scam.

The FakeVimes family of malware has been at work and constantly updated since 2009. There are dozens of fake security programs in the FakeVimes family of malware with new ones released almost on a daily basis. Windows Instant Scanner belongs to a particularly nasty batch of fake security software due to the fact that Windows Instant Scanner will often be bundled with some version of the ZeroAccess rootkit.

Other examples of malware in the FakeVimes family that also includes this dangerous rootkit component include fake security applications such as Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.

How Criminals Use Windows Instant Scanner to Steal Your Money

Windows Instant Scanner is designed to make you believe that your computer is severely infected with malware. To do this, Windows Instant Scanner will use numerous fake error messages and an alarming, but fake, system scan. These will invariable indicate that your computer has been invaded by various Trojans and viruses. However, if you try to use Windows Instant Scanner to fix these nonexistent problems, Windows Instant Scanner will try to convince you that you need to buy the 'full version' of this fake security program. Since neither the 'free' version nor the 'full' version of Windows Instant Scanner have actual anti-malware capabilities, ESG security analysts strongly advises against paying for this fake security application.

What to Do if Your Computer Becomes Infected with Windows Instant Scanner

You can easily remove most malware in the FakeVimes family of malware with a reliable anti-malware program. However, dealing with Windows Instant Scanner and other versions of this threat that include a rootkit component may require the use of a specialized anti-rootkit application. You can also stop most of Windows Instant Scanner's most irritating symptoms by entering the registration code 0W000-000B0-00T00-E0020. However, in order to prevent relapse and other malware infections, it will still be necessary to remove this threat from your computer.

SpyHunter Detects & Remove Windows Instant Scanner

Windows Instant Scanner Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

Windows Instant Scanner may create the following file(s):
# File Name MD5 Detections
1. Protector-gjrt.exe ebfe32f3decca9d3f2c78962d48159b7 1
2. Protector-[RANDOM CHARACTERS].exe

Registry Details

Windows Instant Scanner may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe

Related Posts

Trending

Most Viewed

Loading...