Security Stronghold security made easy

How to remove Windows Antivirus Machine: Download Removal Tool


* What is Windows Antivirus Machine

* Download WiperSoft Antispyware Malware Remediation Tool

* Remove Windows Antivirus Machine manually

* Get Professional Support

* Read Comments


Threat indicator: HIGH

Threat's profile

Name of the threat:

Command or file name:

Threat type:

Affected OS:

Windows Antivirus Machine

Protector-(random 4 letters).exe

Rogue

Win32/Win64 (Windows XP, Vista, Windows 7, Windows 8/8.1, Windows 10)


Autorun of Windows Antivirus Machine can be fixed in Hijackthis by fixing the line:

O4 - HKCU\..\Run: [Inspector] %AppData%\Protector-(random 4 letters).exe

To unlock your PC and get rid of alerts use following code:

0W000-000B0-00T00-E0020


Windows Antivirus Machine

Windows Antivirus Machine intrusion method

Windows Antivirus Machine copies its file(s) to your hard disk. Its typical file name is Protector-(random 4 letters).exe. Then it creates new startup key with name Windows Antivirus Machine and value Protector-(random 4 letters).exe. You can also find it in your processes list with name Protector-(random 4 letters).exe or Windows Antivirus Machine. Also, it can create folder with name Windows Antivirus Machine under C:\Program Files\ or C:\ProgramData.

If you have further questions about Windows Antivirus Machine, please call us on the phone below. It is toll free. Or you can use programs to remove Windows Antivirus Machine automatically below.


Download Wipersoft Antispyware

Download this advanced removal tool and solve problems with Windows Antivirus Machine and Protector-(random 4 letters).exe (download of fix will start immediately):

Download WiperSoft Antispyware to remove Windows Antivirus Machine

* WiperSoft Antispyware was developed to remove threats like Windows Antivirus Machine in automatic mode. Remover has active module to protect PC from hijackers, trojans, ransomware and other viruses. Trial version of Wipersoft provides detection of computer viruses for FREE. To remove malware, you have to purchase the full version of Wipersoft.


Features of WiperSoft Antispyware

* Removes all files created by viruses.

* Removes all registry entries created by viruses.

* You can activate System and Network Guards and forget about malware.

* Can fix browser problems and protect browser settings.

* Removal is guaranteed - if Wipersoft fails ask for FREE support.

* 24/7 Spyware Helpdesk Support included into the package.


Download Spyhunter Remediation Tool by Enigma Software

Download antimalware designed specifically to remove threats like Windows Antivirus Machine and Protector-(random 4 letters).exe (download of fix will start immediately):

Download AntiMalware to remove Windows Antivirus Machine

Features of Spyhunter Remediation Tool

* Removes all files created by Windows Antivirus Machine.

* Removes all registry entries created by Windows Antivirus Machine.

* Fixes browser redirection and hijack if needed.

* "Toolbar Remover" tool will help you get rid of unwanted browser extensions.

* Removal is guaranteed - if Spyhunter Remediation Tool fails ask for FREE support.

* 24/7 Helpdesk Support and 5 hours of Remote Support via GoToAssist included into the package.

Let our support team solve your problem with Windows Antivirus Machine and remove Windows Antivirus Machine right now!

support person

Submit support ticket below and describe your problem with Windows Antivirus Machine. Support team will offer you solution in several minutes and give a step-by-step instruction on how to remove Windows Antivirus Machine. Trouble-free tech support with over 10 years experience removing malware.


Submit support ticket


Software Industry Professionals Member
Threat's description and solution are developed by Security Stronghold security team.

Here you can also learn:

* Technical details of Windows Antivirus Machine threat.

* Manual Windows Antivirus Machine removal.

* Download WiperSoft Antispyware Malware Remediation Tool.


How to remove Windows Antivirus Machine manually

This problem can be solved manually by deleting all registry keys and files connected with Windows Antivirus Machine, removing it from starup list and unregistering all corresponding DLLs. Additionally missing DLL's should be restored from distribution in case they are corrupted by Windows Antivirus Machine.

To get rid of Windows Antivirus Machine, you should:

file logo

1. Kill the following processes and delete the appropriate files:

  • %AppData%\NPSWF32.dll
  • %AppData%\Protector-[random chars].exe
  • %AppData%\result.db
  • %AppData%\1st$0l3th1s.cnf

Warning: you should delete only those files which checksums are listed as malicious. There may be valid files with the same names in your system. We recommend you to use WiperSoft Antispyware Malware Remediation Tool for safe problem solution.

**Trial version of Wipersoft provides detection of computer viruses for FREE. To remove malware, you have to purchase the full version of Wipersoft.

windows folder logo

2. Delete the following malicious folders:

no information

windows registry logo

3. Delete the following malicious registry entries and\or values:

  • Key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system

    Value: EnableLUA
    Data: "0"
  • Key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system

    Value: ConsentPromptBehaviorUser
    Data: "0"
  • Key:
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system

    Value: ConsentPromptBehaviorAdmin
    Data: "0"
  • Key:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

    Value: DisableTaskMgr
    Data: "0"
  • Key:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

    Value: DisableRegistryTools
    Data: "0"
  • Key:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings

    Value: WarnOnHTTPSToHTTPRedirect
    Data: "0"
  • Key:
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System

    Value: DisableRegedit
    Data: "0"
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    Value: Inspector
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings
    Value: net
    Data: 2012-6-14
  • Key: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings
    Value: UID
    Data: (random)
  • Key: HKEY_CURRENT_USER\Software\ASProtect
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
    \alevir.exe
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
    \bipcpevalsetup.exe
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
    \gbmenu.exe
  • Key: HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options
    \msdm.exe

Warning: if value is listed for some registry entries, you should only clear these values and leave keys with such values untouched. We recommend you to use WiperSoft Antispyware Malware Remediation Tool for safe problem solution.


If Windows Antivirus Machine blocks you from running security programs.

Often rogue programs like Windows Antivirus Machine block you from running security programs and visiting anti-virus websites. In this case we recommend you to boot your Windows in Safe Mode with Networking. This is special mode when Windows will not load third-party services, drivers and start-up objects. However you will be able to use Internet. Just download and run suggested programs for easy Windows Antivirus Machine removal is Safe Mode with Networking. To load in Safe Mode with Networking and remove Windows Antivirus Machine do the following:


  • Start or restart your Windows

  • Keep pressing F8 button from the beginning of the boot

  • This will open Advanced Boot Option menu

  • In the menu choose Safe Mode with Networking (use arrows on the keyboard to navigate)

  • Wait until Windows loads

  • Download WiperSoft Antispyware Malware Remediation Tool scan and remove found threats.

  • Restart Windows in Normal Mode


Information provided by: Aleksei Abalmasov

Next threat: Trojan.Tatanarg »

« Back to catalog

Home | Partners | Shop | Support | Terms of use | Contact Us | Privacy Policy | Sitemap

Copyright © 2024 Security Stronghold. All Rights Reserved. All content on this website is protected and belongs to Security Stronghold LLC.