
Windows Performance Catalyst

Posted: February 16, 2012

Threat Metric

Ranking: 14,630
Threat Level: 2/10
Infected PCs: 239
First Seen: February 16, 2012
Last Seen: October 10, 2023
OS(es) Affected: Windows

Windows Performance Catalyst is a fake anti-malware application that uses error reports reminiscent of Microsoft Security Essentials to entice you into paying for a purchasable version of the program. Although Windows Performance Catalyst may appear to offer diagnostic and threat-removal features, SpywareRemove.com malware researchers warn that Windows Performance Catalyst isn't any better at fixing errors or deleting PC threats than any other member of its family – which is to say, Windows Performance Catalyst has no real security functions at all. Since Windows Performance Catalyst may also attack running processes and prevent you from accessing critical security programs, it's recommended that you remove Windows Performance Catalyst via standard PC security strategies (such as booting into Safe Mode) backed up by a trustworthy anti-malware scanner.

Windows Performance Catalyst – a PC Threat That Precedes Performance-Related Events That You'll Never Want to See Again

Windows Performance Catalyst is far from being a unique program, and actually can be considered identical in all significant respects to other rogue anti-malware products in its family, which is popularly identified as FakeVimes. Rogue anti-malware products from Windows Performance Catalyst's family have been known to be installed by Trojans that are used in drive-by-download attacks or distributed in the form of fake media updates. Other variants of FakePAV-based scamware like Windows Performance Catalyst include (but aren't limited to) Privacy Guard Pro, PrivacyGuard Pro 2.0, Extra Antivirus, Fast Antivirus 2009, Presto TuneUp, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, Live PC Care, PC Live Guard, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus and Smart Security.

Like its relatives, Windows Performance Catalyst will launch itself via Windows Registry-based exploits and begin bombarding your PC with fake alerts, fake system scans and fake percentile-based analyses of your computer's security status. Samples of warnings from Windows Performance Catalyst include the following and, as SpywareRemove.com malware researchers stress, should always be ignored as fraudulent:

Warning! Running trial version!
The security of your computer has been compromised!
Now running trial version of the software!
Click here to purchase the full version of the software and get full protection for your PC!

Warning!
Location: [Application file path]
Viruses: Backdoor.Win32.Rbot

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.

Warning!
Name: [Application file name]
Name: [Application file path]
Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.

Warning! Database update failed!
Database update failed!
Outdated viruses databases are not effective and can't [sic] guarantee adequate protection and security for your PC!
Click here to get the full version of the product and update the database!

System component corrupted!
System reboot error has occurred due to lsass.exe system process failure.
This may be caused by severe malware infections.
Automatic restore of lsass.exe backup copy completed.
The correct system performance can not be resumed without eliminating the cause of lsass.exe corruption.

Why You Shouldn't Want Windows Performance Catalyst's Memory-Scanning Protection

Rogue anti-malware products in Windows Performance Catalyst's family have also been noted for their ability to scan your PC for undesirable memory processes and close them automatically. Although, in the right hands, this could be considered a security feature, SpywareRemove.com malware experts have observed that FakePAV rogue anti-malware programs like Windows Performance Catalyst use this function to shut down benign programs, including security products, instant messengers, script packages and Google-brand utilities.

Since the above issue can make Windows Performance Catalyst a high-level threat to your computer's security instead of just a nuisance, you should delete Windows Performance Catalyst at the first opportunity. To prevent Windows Performance Catalyst or related PC threats (such as Zlob Trojans) from blocking your security software during removal, you can use Safe Mode or an alternative OS source (such as a removable drive) to launch Windows without Windows Performance Catalyst or other PC threats also being launched. In normal cases, attempting to remove Windows Performance Catalyst without help from appropriate anti-malware software is not recommended, because other PC threats are likely to be installed as well and capable of additional attacks.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



File name: %AppData%\NPSWF32.dll
File type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file

File name: %AppData%\result.db
Mime Type: unknown/db
Group: Malware file

File name: %AppData%\Inspector-{3 random characters}.exe
File type: Executable File
Mime Type: unknown/exe
Group: Malware file

File name: %StartMenu%\Programs\Windows Performance Catalyst.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

File name: %UserProfile%\Desktop\Windows Performance Catalyst.lnk
File type: Shortcut
Mime Type: unknown/lnk
Group: Malware file

Registry Modifications

The following Registry values were newly created:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\{random}.exe "Debugger"
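
A read-only check for the file and registry indicators listed above, added here as an example and not part of the original write-up. It assumes `Inspector-???.exe` as the wildcard for the page's `{3 random characters}`, and it lists every Image File Execution Options `Debugger` value for manual review because the page gives that subkey only as `{random}.exe`.

```powershell
# Added example: read-only check for the indicators listed on this page.
# Nothing is changed or deleted; findings are collected for manual review.
$findings = @()

# File indicators ("File System Modifications").
$programs = [Environment]::GetFolderPath('Programs')   # assumed to match %StartMenu%\Programs
$desktop  = [Environment]::GetFolderPath('Desktop')
$filePatterns = @(
    (Join-Path $env:APPDATA 'NPSWF32.dll'),
    (Join-Path $env:APPDATA 'result.db'),
    (Join-Path $env:APPDATA 'Inspector-???.exe'),      # ??? = {3 random characters}
    (Join-Path $programs 'Windows Performance Catalyst.lnk'),
    (Join-Path $desktop  'Windows Performance Catalyst.lnk')
)
foreach ($pattern in $filePatterns) {
    Get-Item -Path $pattern -Force -ErrorAction SilentlyContinue | ForEach-Object {
        $findings += [pscustomobject]@{ Type = 'File'; Location = $_.FullName; Value = $_.LastWriteTime }
    }
}

# Named HKCU values ("Registry Modifications"); the page lists 0 for all but "Inspector".
$cv = 'HKCU:\Software\Microsoft\Windows\CurrentVersion'
$valueChecks = @(
    @{ Key = "$cv\Run";               Name = 'Inspector' },
    @{ Key = "$cv\Policies\System";   Name = 'DisableRegedit' },
    @{ Key = "$cv\Policies\System";   Name = 'DisableRegistryTools' },
    @{ Key = "$cv\Policies\System";   Name = 'DisableTaskMgr' },
    @{ Key = "$cv\Internet Settings"; Name = 'WarnOnHTTPSToHTTPRedirect' }
)
foreach ($check in $valueChecks) {
    $props = Get-ItemProperty -Path $check.Key -Name $check.Name -ErrorAction SilentlyContinue
    if ($null -ne $props) {
        $findings += [pscustomobject]@{ Type = 'Registry value'; Location = "$($check.Key) [$($check.Name)]"; Value = $props.($check.Name) }
    }
}

# Image File Execution Options: the page names the subkey only as {random}.exe,
# so list every "Debugger" value. Legitimate debugging tools also set this value.
$ifeo = 'HKLM:\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options'
Get-ChildItem -Path $ifeo -ErrorAction SilentlyContinue | ForEach-Object {
    $debugger = $_.GetValue('Debugger')
    if ($null -ne $debugger) {
        $findings += [pscustomobject]@{ Type = 'IFEO Debugger'; Location = $_.PSChildName; Value = $debugger }
    }
}

$findings | Format-Table -AutoSize -Wrap
```

Run it as the affected user, since the file paths and `HKEY_CURRENT_USER` values are per-profile; an empty table means none of the listed indicators were found for that profile.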

Additional Information

The following URLs were detected:
protect-now.com