Windows Efficiency Reservoir

Posted in: Malware

Call Toll Free in the US and Canada!

Title: Windows Efficiency Reservoir
Type: Rogue Antispyware

Remove Windows Efficiency Reservoir
. Removal instructions

 
Also known as: WindowsEfficiencyReservoir
Severity scale:  (72 / 100)


 

Windows Efficiency Reservoir is a fake anti-spyware program that blocks legitimate antivirus products and displays fake security alerts to scare you into thinking that you are infected. It enters a computer with the help of Trojans and other malware that come from fake online virus scanners. It has to be manually installed but sometines just visiting a website is enough to get infected. Scammers create many fake and malicious websites, usually fake online scanners and video websites to distribute malicious software. Once a Trojan is installed, it will download and install Windows Efficiency Reservoir scareware on the computer. Once installed, the rogue anti-spyware program displays fake security alerts and false scan results usually about various malware infections that actually do not even exist. Then it asks to pay for a full version of the program to remove the found ‘infections’. Don’t purchase it! Instead, please use the removal guide below to remove Windows Efficiency Reservoir from your computer as soon as possible.

While Windows Efficiency Reservoir is running, it will displays fake security warnings and fake notifications from Windows task bar. They are all basically the same. What is more, the rogue program will impersonate Windows Security Center and state that your computer is not protected. The fake security center looks just like the legitimate one except that it promotes rogue program. Some of the fake security alerts:

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.
Warning!
Location: c:\windows\system32\taskmgr.exe
Viruses: Backdoor.Win32.Rbot

As you can see, Windows Efficiency Reservoir is a virus and must be removed upon detection. Please read the removal guide below and remove this virus using recommended remove tool. In some cases, this fake anti-spyware program comes with TDSS Trojan. Usually, it blocks legitimate anti-virus software, so at first you will have to remove this infection and then proceed with the rest of this removal guide. Also note that it may block security related websites, if you can’t download malware removal tool then reboot your computer in safe mode with networking.

Windows Efficiency Reservoir snapshot:

Automatic Windows Efficiency Reservoir removal:

remover for Windows Efficiency Reservoir

Spyware Doctor is recommended remover to uninstall Windows Efficiency Reservoir.
You should confirm using free trial that it detects current version of parasite.

Note:
Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention,
please read manul removal instructions below.

If you failed to remove Windows Efficiency Reservoir using Spyware Doctor please report this to us.

We might be affiliated with any product we recommend on the site. Full disclosure in our Agreement of Use.

SpyHunter
download | review | tutorial

We are testing SpyHunter’s efficiency at removing Windows Efficiency Reservoir
(2012-04-06 03:24:57)

STOPzilla
download | review

We are testing STOPzilla’s efficiency at removing Windows Efficiency Reservoir
(2012-04-06 03:24:57)

Malwarebytes Anti Malware
download | review


We are testing Malwarebytes Anti Malware’s efficiency at removing Windows Efficiency Reservoir
(2012-04-06 03:24:57)

XoftSpySE Anti Spyware
download | review

Windows Efficiency Reservoir manual removal:

Kill processes:
Protector-[rnd].exe

HELP:
how to kill malicious processes

Delete registry values:
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Policies\\System “DisableRegedit” = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Policies\\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Policies\\System “DisableTaskMgr” = 0
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Run “Inspector”
HKEY_CURRENT_USER\\Software\Microsoft\\Windows\\CurrentVersion\\Settings “net” = “2012-3-11_2?
HKEY_CURRENT_USER\\Software\\Microsoft\\Windows\\CurrentVersion\\Settings “UID” = “origkboryd”
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\atcon.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\bipcp.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\ecengine.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\infwin.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\msconfig
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\PavFnSvr.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\sahagent.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\titaninxp.exe
HKEY_LOCAL_MACHINE\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Image File Execution Options\\wsbgate.exe

HELP:
how to remove registry entries

Delete files:
%AppData%\NPSWF32.dll %AppData%\Windows Efficiency Reservoir.exe %AppData%\result.db %CommonStartMenu%\Windows Efficiency Reservoir.lnk %Desktop%\Windows Efficiency Reservoir.lnk

HELP:
how to remove harmful files
Information added: 2012-04-06 03:24:57
Information updated: 2012-04-06 06:23:36
Tags: , ,