Remove Windows Command Processor. Removal instructions
Windows Command Processor is one more member of Rogue.FakeVimes family. Just like its predecessors the program tries to trick you into thinking that your system is badly infected and then make you purchase something completely useless. The application uses tricky methods to get access to systems. It employs trojan viruses and may use some Internet websites and display its fake scanners online that only pretend scanning your computer. Then it definitely states that your system is infected and recommends downloading and installing a full version of Windows Command Processor in order to clean all infections.
Windows Command Processor displays various security notifications which also warn about some suspicious items detected on your machine. That is just a kind of tactics that rogue programs use in order to gain trust and convince computer users into purchasing something fake. Needless to say that Windows Command Processor will not detect or remove anything at all. Have a look at some pop up messages that you can receive if you are infected with Windows Command Processor:
Warning! Identity theft attempt Detected
Hidden connection IP: 58.82.12.124
Target: Your passwords for sites
Error
Trojan activity detected. System data security is at risk.
It is recommended to activate protection and run a full system scan.
Warning
Firewall has blocked a program from accessing the Internet
C:\program files\internet explorer\iexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Beware of such program and be very careful about downloading anything without making a small research about the program first. You cannot pay for it under any circumstances. If by any reason you have done that already, contact your credit card company and dispute the charges in order to avoid making any benefits for the cyber criminals. Remove Windows Command Processor using a reputable antispyware program as soon as possible.
Automatic Windows Command Processor removal:
(2012-04-12 05:41:32)
(2012-04-12 05:41:32)
(2012-04-12 05:41:32)
Windows Command Processor manual removal:
Kill processes:
Inspector-[rnd].exe Protector-[rnd].exe
how to kill malicious processes
Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “ID” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “2012-2-17_2”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “rudbxijemb”
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
how to remove registry entries
Delete files:
%AppData%\Inspector-[rnd].exe %AppData%\Protector-[rnd].exe
how to remove harmful files
Information updated: 2012-04-12 05:41:32