Windows Pro Web Helper

Windows Pro Web Helper Description

Type: Rogue AntiSpyware Programs

ScreenshotOn a superficial look, anyone can mistake Windows Pro Web Helper for a real security application. However, Windows Pro Web Helper is actually a malware infection that is disguised as an anti-virus application. Malware like Windows Pro Web Helper are known as rogue anti-virus programs. These are used to steal computer users' money by convincing them to purchase a fake anti-virus program. Windows Pro Web Helper is one more member of a large family of rogue anti-virus programs known as Rogue:FakeVimes.

Malware applications in the FakeVimes family of rogue anti-virus programs have been active since 2009, and have been updated gradually since then. Because of this infection's long history, PC security researchers are very familiar with how it works, meaning that most security programs can deal easily with malware infections such as Windows Pro Web Helper. However, malware programs in the FakeVimes family released in 2012 often include a rootkit component in the ZeroAccess or Sirefef family of malware. This rootkit component creates a hidden file system that hides the Windows Pro Web Helper infection and its associated malware. Because of this, the considerably harder task of removing the rootkit infection must be carried out before the Windows Pro Web Helper rogue anti-virus program can be removed.

Staying Safe from a Windows Pro Web Helper Infection

Protecting yourself from Windows Pro Web Helper means you also should protect your computer from all of its many known clones. Examples of these include such fake anti-malware applications as Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.

Although such programs are named differently, there are virtually no differences from one to the other besides slight changes to each rogue anti-virus program's name. All of these fake anti-virus programs carry out the same scam. Basically, they will pretend to scan the victim's computer system, claim numerous false positives, and then use aggressive tactics to convince the victim to 'upgrade' to a nonexistent full version of Windows Pro Web Helper.

Paying for Windows Pro Web Helper is not a good idea, considering that none of the programs in the FakeVimes family of malware has real anti-malware capabilities. Instead, you can trick Windows Pro Web Helper into thinking that you have 'upgraded' by entering the registration code 0W000-000B0-00T00-E0020. This registration code can stop Windows Pro Web Helper from using its aggressive approach (mainly in the form of multiple annoying error messages) to convince you to pay for this useless fake anti-virus. While this will not remove Windows Pro Web Helper, it will definitely help in gaining access to a real security program and using it to remove Windows Pro Web Helper and its associated rootkit component.ScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshotScreenshot

Technical Information

Screenshots & Other Imagery

SpyHunter Detects & Remove Windows Pro Web Helper

Windows Pro Web Helper Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

Windows Pro Web Helper creates the following file(s):
# File Name MD5 Detection Count
1 Protector-yjpo.exe a07cb63d362c4d996f6551696c98621c 1
2 Protector-raub.exe 0fe04be252ef427ce0eda2d563dcbb82 1
3 %AppData%\Protector-{RANDOM 4 CHARACTERS}.exe N/A
4 %AppData%\Protector-{RANDOM 3 CHARACTERS}.exe N/A
5 %AppData%\NPSWF32.dll N/A
6 %StartMenu%\Programs\Windows Pro Web Helper.lnk N/A

Registry Details

Windows Pro Web Helper creates the following registry entry or registry entries:
Registry key
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = 2012-2-20_1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 4
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\{RANDOM CHARACTERS}.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0

More Details on Windows Pro Web Helper

The following messages associated with Windows Pro Web Helper were found:
Error
Attempt to run a potentially dangerous script detected.
Full system scan is a highly recommended.
Error
Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan.
Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Site Disclaimer

Enigmasoftware.com is not associated, affiliated, sponsored or owned by the malware creators or distributors mentioned on this article. This article should NOT be mistaken or confused in being associated in any way with the promotion or endorsement of malware. Our intent is to provide information that will educate computer users on how to detect, and ultimately remove, malware from their computer with the help of SpyHunter and/or manual removal instructions provided on this article.

This article is provided "as is" and to be used for educational information purposes only. By following any instructions on this article, you agree to be bound by the disclaimer. We make no guarantees that this article will help you completely remove the malware threats on your computer. Spyware changes regularly; therefore, it is difficult to fully clean an infected machine through manual means.