Windows Privacy Counsel

By | June 11, 2012 | 0 Comment

All computer users should treat Windows Privacy Counsel as harmful software. Never install this product into your PC as it will not able to protect it the way genuine program does. It is endorse as a useful program, but in reality, it will not provide and shield or related services. Instead, Windows Privacy Counsel will pollute the computer with fictitious alerts and security-related findings. Installation of this malware also leads to alteration of system settings causing Windows to fail.

As an additional information, you should know that Windows Privacy Counsel sneaks into your computer through security breaches. It is unknown to you but there are a number of these faults inside the system. This is the reason why software manufacturer offers program updates, to patch the hole and keep the software secure against any types of attacks.

If in the malware got a slot inside your PC, follow the guide as outlined on this page. This will remove Windows Privacy Counsel and other components that may be residing on the system. After you remove the malware, it is important that you update all your programs to the latest patch if there are available.

Type Rogue
Sub-Type FakeAV
OS Affected Windows

What are the Symptoms of Windows Privacy Counsel Infection?

Here is a screenshot image of the rogue program when it begins to scan the computer.

WFake indows Privacy Counsel

It will modify Windows Registry and add the following entries:
HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
HKCU\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”
HKCU\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “u_2012-5-24_6”
HKCU\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “ncgfywudjs”
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exe
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SafetyKeeper.exe

The threat will drop the following malicious files:
%AppData%\NPSWF32.dll
%AppData%\Protector-[random 3 characters].exe
%AppData%\Protector-[random 4 characters].exe
%AppData%\result.db
%CommonStartMenu%\Programs\Windows Privacy Counsel.lnk
%Desktop%\Windows Privacy Counsel.lnk

Leave a Reply

Your email address will not be published. Required fields are marked *