Windows Pro Defence rogue removal guide

Windows Pro Defence fake AV should be treated as a rogue security program not able to protect your system. Instead of providing a helpful security service this fraudware seriously contaminates your workstation and it inevitably leads to the distortion of PC function. So, do not skip reading this entry to timely identify and remove this hoax. The neglect of this virus removal may be dangerous since it may bring other, more serious viruses to your computer.

It squeezes to the targeted PC without being noticed. It does not wait for your approval or consent. Windows Pro Defence tunes up the system in such way to start after every Windows reboot. Once you restart your computer the pest interferes into your steady work with annoying pop ups and fake system checkups. Upon the termination of such bogus scans, the deceitful scan results are generated. The scanning reports are worth no trusting. The potential victim is misinformed that the PC needs immediate aid in order to prevent the PC crash. If you attempts to delete all allegedly detected insecure items by means of “almighty remedy” you will be rerouted to the web page where the commercial version of Windows Proactive Safety is offered.

3. Files

In the process of the installation, Windows Pro Defence copies the following files to the hard disk.

• %AppData%\NPSWF32.dll
• %AppData%\Protector-[rnd].exe
• %AppData%\result.db

4. System registry

Windows Pro Defence creates the following registry entries:

• HKCU\Software\Microsoft\Windows\CurrentVersion\Run\Inspector %AppData%\Protector-[rnd].exe
• HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\WarnOnHTTPSToHTTPRedirect 0
• HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\ID 4
• HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\UID [rnd]
• HKCU\Software\Microsoft\Windows\CurrentVersion\Settings\net [date of installation]
• HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorAdmin 0
• HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\ConsentPromptBehaviorUser 0
• HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system\EnableLUA 0
• HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe
• HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe\Debugger svchost.exe
• HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe
• HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVCare.exe\Debugger svchost.exe
• HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE
• HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE\Debugger svchost.exe

Windows Pro Defence malware remover: