Windows Proactive Safety
Windows Proactive Safety Description
Windows Proactive Safety – the Computer Guardian Against Imaginary Enemies
Windows Proactive Safety is a typical example of the modern variants in the family of scamware labeled FakeVimes, whose members include PC Live Guard, Windows Shield Tool, Smart Security, Windows Performance Catalyst, Windows Safety Manager, Windows ProSecure Scanner, Windows Guard Tools, Windows Antivirus Care, Windows Software Saver, Smart Internet Protection 2011, Windows Be-on-Guard Edition, Windows Privacy Extension, Windows Antivirus Machine, Windows Trouble Taker, Windows Sleek Performance, Windows Home Patron, XP Smart Security, Windows Privacy Counsel, Windows Basic Antivirus, Windows Firewall Constructor, Windows No-Risk Center, Windows Defence Counsel, Windows Protection Maintenance, Smart Anti-Malware Protection, Total Anti Malware Protection, Windows Premium Defender, Windows Health Keeper, Windows Safety Wizard, Windows Interactive Security, Additional Guard, Windows Pro Safety Release, Windows Anti-Malware Patch, Windows Shielding Utility, Activate Ultimate Protection, Windows Maintenance Guard, Windows Pro Defence, Anti-Malware Lab, Windows Active Defender, Windows Profound Security, System Protection Tools, Smart Virus Eliminator, Windows Managing System, Windows Care Taker, Windows Advanced Toolkit, Windows Control Series, Windows Web Commander, Windows Secure Workshop, Windows PC Aid, Windows Custodian Utility, Windows Security Renewal, My Security Wall, Windows Problems Stopper, Enterprise Suite, Live Enterprise Suite, Keep Center Keeper, Windows Guardian Angel, Windows Pro Web Helper, Windows Advanced User Patch, Windows Risk Minimizer, Windows Expert Series, Windows Virtual Angel, Windows Active Guard, Windows Secure Web Patch, Windows Virus Hunter, PrivacyGuard PRO, Extra Antivirus, Windows Enterprise Suite, Live PC Care, Windows Efficiency Accelerator, Windows Software Keeper, Windows Tools Patch, Windows Safety Module, Windows Pro Safety, Windows Ultimate Security Patch, My Security Shield, Windows Private Shield, Windows
Web Combat, Security Antivirus, Windows Safety Maintenance, Personal Security Sentinel, Windows Virtual Firewall, Windows Premium Guard, Windows Safety Series, Windows Safety Checkpoint, Personal Internet Security 2011, Windows Protection Unit, My Security Engine, Windows Daily Adviser, Windows AntiHazard Center, CleanUp Antivirus, Windows Antivirus Rampart, Best Malware Protection, Windows Antivirus Release, Windows High-End Protection, Windows Internet Booster, Windows Activity Debugger, Windows Turnkey Console, Windows Interactive Safety, Virus Doctor, Windows System Defender, Home Safety Essentials, Fast Antivirus 2009, Security Master AV, Home Malware Cleaner, Windows Secure Surfer, Smart Internet Protection 2012, Windows Defending Center, Windows Pro Rescuer, Volcano Security Suite, Windows Premium Console, Internet Security Suite, Windows Smart Partner, Windows PRO Scanner, Windows Malware Sleuth, Windows Antihazard Solution, Windows Antivirus Patch, Windows Secure Workstation, Windows Security Suite, Windows Safeguard Upgrade, Windows Maintenance Suite, Windows Protection Master, Windows AntiHazard Helper, Windows First-Class Protector, Best Antivirus Software, Windows Pro Solutions, Windows Debug Center, VirusSecurity, Windows ProSecurity Scanner, Smart Engine, Windows Stability Guard, Windows Personal Doctor, Strong Malware Defender, Windows Threats Destroyer, Windows Safety Toolkit, Windows Advanced Security Center, Windows Process Director, Internet Security Essentials, Windows Instant Scanner, Windows Crucial Scanner, Windows Custom Safety, Antivirus Smart Protection, Windows Enterprise Defender, Windows Performance Adviser, Windows Privacy Module, Windows Security System, Windows Custom Management, Windows Proprietary Advisor, Windows Abnormality Checker, Windows Warding System, Windows Virtual Security, Windows Smart Warden, Windows Functionality Checker, Windows Telemetry Center, Windows No-Risk Agent, Windows Guard Solutions, Windows Multi Control 
System and Windows Ultimate Safeguard. Although Windows Proactive Safety and similar PC threats are often marketed by fake online scanners, SpywareRemove.com malware researchers warn that Windows Proactive Safety can also be installed by separate PC threats, especially those that piggyback on download links for popular codecs and movie player updates. Windows Proactive Safety’s most visible behavior includes launching itself without your permission as soon as Windows starts, and then using this vantage point to display inaccurate pop-up warnings and system scans.
Windows Proactive Safety’s warning messages will imitate the formats of normal system alerts, and may also include taskbar notifications and similar pop-ups that appear to be sent by Windows itself. As long as Windows Proactive Safety is open, Windows Proactive Safety will try to persuade you that your computer is being assaulted by high-level PC threats like keyloggers and rootkits, but Windows Proactive Safety doesn’t have any real threat-detecting capabilities in the first place. Accordingly, Windows Proactive Safety’s persistent requests for you to spend money on its registration key should never be heeded, and the SpywareRemove.com malware research team suggests contacting your credit card company or bank if you’ve given financial information to the criminals who promote Windows Proactive Safety.
Why Deleting Windows Proactive Safety with All Due Speed is Crucial for Your PC’s Safety
Lamentably, Windows Proactive Safety is more than just a fake anti-malware scanner; Windows Proactive Safety also is an architect of various types of very real attacks against infected PCs. Some of the attacks that SpywareRemove.com malware experts have associated with Windows Proactive Safety include:
- Browser hijacks that lead your web browser to unwanted sites. These sites frequently are malicious and may be used as part of attacks against your online searches.
- Needlessly restricted software usage. Windows Proactive Safety may stop you from using real security programs, including anti-virus scanners, firewall programs and tools like the Windows Task Manager. In some cases, SpywareRemove.com malware analysts have found that it may be necessary to restore the Windows Registry to regain deleted program entries.
- A variety of disabled Windows settings, especially settings that are linked to security for your Windows account or web browser. Files with invalid signatures may be downloaded without appropriate system alerts and UAC functionality may be crippled.
Faking Windows Proactive Safety’s registration process with the code '0W000-000B0-00T00-E0020' can help with its deletion, although SpywareRemove.com malware experts stress that this is just one of multiple steps that may be required for Windows Proactive Safety’s removal.
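As an added example (not SpywareRemove's code), the Python below shows how a defender could check a text-format registry export for two of the behaviours described above: a Run entry that launches a program from an application-data folder at startup, and one Debugger value attached to many program names under Image File Execution Options, a common registry mechanism for stopping security tools from starting. The export excerpt, the expanded C:\ProgramData path, the ExampleUpdater entry and the function names are constructed for illustration.

```python
import re
from collections import defaultdict
# Constructed excerpt in .reg text format (already decoded; not from a real host).
SAMPLE_EXPORT = r'''Windows Registry Editor Version 5.00
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AAWTray.exe]
"Debugger"="svchost.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\Ad-Aware.exe]
"Debugger"="svchost.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\AVENGINE.EXE]
"Debugger"="svchost.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe]
"Debugger"="\"C:\\Tools\\procexp.exe\""
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Windows Proactive Safety"="\"C:\\ProgramData\\58ef5\\SP98c.exe\" /s /d"
"ExampleUpdater"="\"C:\\Program Files\\Example\\updater.exe\" /background"
'''

SECTION = re.compile(r'^\[(.+)\]$')
VALUE = re.compile(r'^"((?:[^"\\]|\\.)*)"="((?:[^"\\]|\\.)*)"$')
IFEO_KEY = re.compile(r'\\Image File Execution Options\\([^\\]+)$', re.I)
RUN_KEY = re.compile(r'\\CurrentVersion\\Run(Once)?$', re.I)
USER_WRITABLE = re.compile(r'\\(ProgramData|AppData|Temp)\\', re.I)

def unescape(s):
    return re.sub(r'\\(.)', r'\1', s)  # .reg strings escape \ and " with a backslash

def parse_reg(text):
    """Parse string values into {key_path: {value_name: data}}; other types are skipped."""
    keys, current = defaultdict(dict), None
    for line in text.splitlines():
        line = line.strip()
        if m := SECTION.match(line):
            current = m.group(1)
        elif current and (m := VALUE.match(line)):
            keys[current][unescape(m.group(1))] = unescape(m.group(2))
    return keys

def ifeo_hijacks(keys, min_images=3):
    """Debugger commands shared by >= min_images programs (one alone may be legitimate)."""
    by_debugger = defaultdict(list)
    for path, values in keys.items():
        m = IFEO_KEY.search(path)
        debugger = {n.lower(): d for n, d in values.items()}.get('debugger')
        if m and debugger:
            by_debugger[debugger.lower()].append(m.group(1))
    return {d: imgs for d, imgs in by_debugger.items() if len(imgs) >= min_images}

def suspicious_run_entries(keys):
    """Run/RunOnce values whose command line points into a user-writable data folder."""
    return [(name, data) for path, values in keys.items() if RUN_KEY.search(path)
            for name, data in values.items() if USER_WRITABLE.search(data)]
```

Real exports are usually UTF-16, so decode the file before passing its text to parse_reg; every hit is a lead to review before any key is deleted.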
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
- The following files were created in the system:
| # | File Name | Detection Count |
|---|---|---|
| 1 | Windows Proactive Safety.lnk | 527 |
| 2 | %APPDATA%\ Protector-mllt.exe | 438 |
| 3 | %AppData%\Windows Proactive Safety\ScanDisk_.exe | N/A |
| 4 | %AppData%\Windows Proactive Safety\Instructions.ini | N/A |
| 5 | %AppData%\Microsoft\Internet Explorer\Quick Launch\Windows Proactive Safety.lnk | N/A |
| 6 | %Desktop%\Windows Proactive Safety.lnk | N/A |
| 7 | %CommonAppData%\SPUPCZPDET\SPABOIJT.cfg | N/A |
| 8 | %CommonAppData%\58ef5\SPT.ico | N/A |
| 9 | %CommonAppData%\58ef5\SP98c.exe | N/A |
| 10 | %Programs%\Windows Proactive Safety.lnk | N/A |
| 11 | %StartMenu%\Windows Proactive Safety.lnk | N/A |
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to back up your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
- The following CLSID's were detected:
Posted: June 20, 2012 | By SpywareRemove
Threat Level: 10/10
Detection Count: 75


