Windows Performance Adviser
Despite the fact that Windows Performance Adviser is marketed as a legitimate security program, Windows Performance Adviser is actually a cleverly disguised malware threat. To be specific, Windows Performance Adviser is a kind of malware known as a rogue security application and is part of the Rogue:FakeVimes family of malware. Windows Performance Adviser and its clones attempt to steal their victims' money by tricking them into purchasing useless, fake security applications. While clones of Windows Performance Adviser have been around since 2009, Windows Performance Adviser itself belongs to a group of FakeVimes rogue anti-virus applications released in 2012. Malware in this recent variant of FakeVimes is in itself not particularly difficult to remove, but is often bundled with a rootkit in the ZeroAccess family.
The presence of this rootkit on the victim's computer system can make the removal of Windows Performance Adviser quite difficult. This is because this rootkit component is designed to hide Windows Performance Adviser from legitimate security applications, making its detection and removal quite difficult. ESG security analysts recommend using a strong, reliable, anti-malware program with an anti-rootkit component, if your computer system is infected with Windows Performance Adviser or with clones of Windows Performance Adviser such as Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.
Table of Contents
An Overview of the Windows Performance Adviser Scam
Windows Performance Adviser uses various tactics in order to make its victim believe that their computer is under attack (with malware other than Windows Performance Adviser itself). Its main strategy is using a variety of misleading security alerts that can severely disrupt a computer user's activity. Windows Performance Adviser will also run a fake scan of the victims' computer system, with results claiming that the computer is severely infected.
Other ways in which Windows Performance Adviser carries out its scam include preventing access to certain files, causing system crashes and hijacking the victim's web browser. However, attempting to fix these problems with Windows Performance Adviser will result in a notification claiming that it is necessary to obtain a registration code by purchasing Windows Performance Adviser's "full version" which is, of course, not free. The registration code 0W000-000B0-00T00-E0020 can help stop most of Windows Performance Adviser's annoying error messages. However, this will not remove Windows Performance Adviser itself. To do that, the help of a reliable anti-malware application will still be necessary.
Windows Performance Adviser Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %AppData%\Protector-[RANDOM CHARACTERS].exe | |
2. | %AppData%\Inspector-[RANDOM CHARACTERS].exe |