Windows Anti-Malware Patch is a rogue anti spyware program that is developed by the FakeVimes family of spywares. If you know this family, you must be aware of their method of making people fool by snatching the money. Like all the rogue programs of the family, the Windows Anti-Malware Patch is designed with the same interface and functions to get the money. This fake program acts like a security program, but in fact, it is the greatest threat to your security. The Windows Anti-Malware Patch will make you believe that your computer is affected with the viruses and you should instantly buy the full version of the Windows Anti-Malware Patch.  It displays continuous security pop ups which make you believe the scam of this bogus program.

The Windows Anti-Malware Patch program is created just to get the money from the users by using illegal ways. The program enters into your computer through the loopholes in your security system and installs itself without you being aware of it. Whenever you reboot your computer, it will run a fake virus scan and shows you a list of files that are affected with different types of viruses.

Following is a detailed method on how to remove Windows Anti Malware:

Remove Windows Anti-Malware Patch processes

  1. Windows Anti-Malware Patch processes can be stopped from working through the windows task manager.
  2. Press the CTRL + Shift + ESC shortcut keys at a time to quickly open the Windows task manger.
  3. Or click on Start > Run.
  4. Type taskmgr and press Ok.
  5. Find the tab ‘processes’ and click on it.
  6. Look for column named ‘image name’ all the active processes are listed there.
  7. The Windows Anti-Malware Patch process you must remove is:

Protector-[rnd].exe

 

  1. Click on the above process and select the option Delete from the menu to permanently remove the Windows Anti-Malware Patch process.

Remove Windows Anti-Malware Patch registry key values

  1. Click on Start then select the option Run.
  2. Type regedit and click Ok.
  3. In the left pane; click on Edit and then on Find.
  4. Enter the Windows Anti-Malware Patch registry key values to locate them and press Ok.
  5. Right click on the found values and click on the option Delete.
  6. The Windows Anti-Malware Patch registry key values are:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “ID” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “2012-2-17_2″

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “rudbxijemb”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe

Remove Windows Anti-Malware Patch other files

  1. Go to start and click on ‘All programs’.
  2. When all the programs are shown click on the ‘Accessories’.
  3. From the drop down men select the option ‘command prompt’ and click on it.
  4. When the command prompt opens write down the name of the Windows Anti-Malware Patch other files with the directory name.
  5. If you do not know the exact location of the Windows Anti-Malware Patch file; type the command ‘dir’ it will list all the files along with their directories.
  6. When the file is found type “regsvr32 /u SampleName.exe”; replace SampleName.exe with the following name:

%AppData%\Protector-[rnd].exe

How to remove Windows Anti-Malware Patch?

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>