Windows Advanced Security Center Virus is another addition to the rogue malware application of FakeVimes family. We at FixPCYourself has classified it as a fake security program. Windows Advanced Security Center similar GUI like its older version. On Surface Windows Advanced Security Center appears to be good internet security providing software but it reality it fake program intended to still your money. This application does not remove any Trojan or malware from your computer. Like any other fake program Windows Advanced Security Center displays security issues and system errors to make you to think that your computer is at risk. Windows Advanced Security Center program also shows different type scan option, antiphising and firewall option. But none of them are really present in the program itself. Rather Windows Advanced Security Center will just show you fake scan and system errors. Once the free scan is completed Windows Advanced Security Center will ask to you buy paid version of its software so that all the infected files can be moved. Do not become victim of this fake software. Windows Advanced Security Center will keep displaying alert and security warning until you remove Windows Advanced Security Center infection from your machine.
Typically Windows Advanced Security Center is spread via peer to peer applications, free movie download site, software sharing program, email attachments, social networking sites and other many malicious web sites. Sometime it hacks other good website and use it bait. Normal users thinks it Microsoft Windows product and it provides some short of Firewall protection. Most of rogue Anti-Spyware like Windows Advanced Security Center are nearly impossible to remove manually by normal user as it creates hidden and encrypted files in your machine. Normally Windows Advanced Security Center virus does not get detected by normal user unless they use reputable Antivirus software or consult with technicians. To fix your pc yourself and remove infection program like Windows Advanced Security Center simply follow these steps.
How to remove Windows Advanced Security Center Steps :
Step 1:Print out these instructions as you will need to shutdown the computer in next step.
Step 2:Now power down the Windows Advanced Security Center infected computer. And wait for 30 Seconds before you turn on
Step 3:Now please turn ON the computer and immediately keep hitting F8 until you see WINDOWS ADVANCED OPTIONS MENU as shown below.
Step 4:In the WINDOWS ADVANCED OPTIONS MENU, go down to the SAFE MODE WITH NETWORKING using the arrow keys on the board. Then press ENTER on the keyboard. This will take your computer to Safe mode. Safe Mode will cause the display and desktop icons to appear changed. This is normal. No need to Panic as it is due to Windows Advanced Security Center.
Step 5:This, Windows Advanced Security Center, infection may change computer windows settings to use a proxy server that will not allow you to browse any pages on the Internet with Internet Explorer. We will first need to fix this as we will need to download malware removal utilities. They are safe and very reputed in Computer Industry. Now hold down the WINDOWS key and then press the R key.
Step 6:The RUN dialog box will appear. Type iexplore.exe In the RUN dialog and click OK button.
Step 7:You will see Internet Explorer. On the top navigation click TOOLS then under the sub-menu of TOOLS choose INTERNET OPTIONS as shown below.
Step 8: Now find the CONNECTIONS tab within the INTERNET OPTIONS dialog box and click on it. Then click the LAN SETTINGS button.
Step 9:If there is a check-mark in the box named “Use a proxy server for your LAN”, under the PROXY SERVER section, then uncheck the box. If there is not a check mark located in the box then you can skip this step and move on to next step.
Step 10:Now hit the OK button to close the LOCAL AREA NETWORK dialog box. Then press the OK button to close the INTERNET OPTIONS dialog box.
Step 11Now we must end all the processes that belong to Windows Advanced Security Center so that it does not interfere with your ability clear your computer. Inspector-[random char].exe and Protector-[ random char].exe are the processed that needs to be stopped. To do this we need to download Rkill, developed by Bleepingcomputer to help stop the computer process of Windows Advanced Security Center. Now please hold down the WINDOWS key and the R key simultaneously to open RUN dialog box.
Step 12Now type “iexplore.exe http://www.fixpcyourself.com/rkill.com” and hit the OK button.
Step 13:Save the Rkill.exe on your desktop. Double-click the Rkill icon and run Rkill.exe. You will see a black MS DOS dialog box. Now it will kill all the processes of Windows Advanced Security Center. It will take several minute before a Notepad file containing log information on what Rkill found will open. You may review it and close notepad file.
Step 14:Now you are ready to removal all the infection related to Windows Advanced Security Center. For the you need to Malwarebytes. Malwarebytes is a very popular malware and spyware removal application. Now please hold down the WINDOWS key and the R key simultaneously to open RUN dialog box. Type “iexplore.exe http://www.fixpcyourself.com/mbam.exe” and hit the OK button.
Step 15:Save the mbam.exe on your desktop. Double-click the Malwarebytes icon and run mbam.exe. Now the SELECT SETUP LANGUAGE dialog box will appear. Select your preferred language and hit press OK button.
Step 16:The Malwarebytes SETUP WIZARD will show blow screen Hit the NEXT button to continue.
Step 17:Now the LICENSE AGREEMENT screen will appear as shown. Accept the agreement and hit NEXT button.
Step 18:Now the Information screen will appear. Click on next button and continue following the steps.
Step 19:SELECT DESTINATION LOCATION screen will appear now. You can choose the location where Malwarebytes can be install. We recommend to choose the default location as shown then click NEXT button.
Step 20:Now the SELECT START MENU FOLDER screen will appear. Let the default as it is and click NEXT button.
Step 21:Now the SELECT ADDITIONAL TASKS screen will appear. If you want a Desktop Icon or Quick Launch icon then check appropriate boxes.
Step 22:READY TO INSTALL screen will come next. Hit the INSTALL button to install Malwarebytes.
Step 23:In this step let the UPDATE and LAUNCH checked as it is to update the application with latest malware definition to capture all the malwares then click FINISH button.
Step 24:Once update is done then Scanner screen will launch. Make sure to select PERFORM FULL SCAN is selected to clean up Windows Advanced Security Center infection. Click on SCAN button to start the scan.
Step 25:Now choose the local drives that you want to scan from the dialog box and click SCAN button.
Step 26:Be patient as the scan will take several minutes before it cleans up Windows Advanced Security Center infection. Once the scan is finished, a message box saying the scan is complete will appear. Click OK button to close the box then click SHOW RESULTS button.
Step 27:From results dialog box choose REMOVE SELECTED button to remove all the infections found. Malwarebytes will also delete all of the files and registry keys affected by Windows Advanced Security Center and add them to the quarantine.
Step 28:Malwarebytes may required you to reboot the PC to complete the removal of Windows Advanced Security Center. After completion reboot your computer Malwarebytes will be relaunched, please follow the instructions on the screen and continue the removal process. Once everything is clean out a log will be open created by Malwarebytes. Please reviewed it and closed it. Now your computer should be free of Windows Advanced Security Center. Enjoy.
Technical Details of Windows Advanced Security Center files :
You need to delete following Windows Advanced Security Center files:
%desktopdir%\ Windows Advanced Security Center.lnk
%commonprograms%\ Windows Advanced Security Center.lnk
%CommonStartMenu%\Programs\ Windows Advanced Security Center.lnk
Also please delete Windows Advanced Security Center registry file:
Options\platin.exeHKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System ‘DisableRegistryTools’ = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “ID” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Windows Advanced Security Center
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run ‘Inspector’
HKEY_LOCAL_MACHINE\SOFTWARE\Windows Advanced Security Center
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System ‘DisableRegedit’= 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings ‘WarnOnHTTPSToHTTPRedirect’ = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System ‘DisableTaskMgr’ = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_CURRENT_USER\Software\Windows Advanced Security Center
Windows Advanced Security Center Symptoms:
Some unknown process running in background like inspector.exe and protector.exe
Inability launch browser and redirect to payment page of Windows Advanced Security Center site.
Slower PC performance PC caused by Windows Advanced Security Center Virus.
Infection Alert Messages reflecting presence of Windows Advanced Security Center virus.