Windows Safety Checkpoint
Windows Safety Checkpoint Description
Windows Safety Checkpoint: Rogue AV Software That’s Closer to Virus Than Anti-Virus Itself
Windows Safety Checkpoint draws its lineage from FakeVimes, a group of fake anti-virus applications that have been in distribution since 2010. In the past two years, Win32/FakeVimes scamware like Windows Safety Checkpoint have reappeared under new names again and again, with common examples of Windows Safety Checkpoint clones including PC Live Guard, Smart Internet Protection 2012, Windows Trouble Taker, Windows Performance Catalyst, Smart Security, Windows High-End Protection, Windows Abnormality Checker, Windows Privacy Module, Windows Secure Workstation, Windows Functionality Checker, Windows Home Patron, Windows Shield Tool, Live PC Care, Windows ProSecurity Scanner, Windows ProSecure Scanner, Windows Advanced Toolkit, Windows Antihazard Solution, Windows Antivirus Patch, Windows Ultimate Safeguard, Windows Virtual Security, CleanUp Antivirus, VirusSecurity, Windows Advanced Security Center, Security Antivirus, Internet Security Suite, Windows Daily Adviser, Windows Pro Safety Release, Windows Turnkey Console, Windows Security Suite, Personal Internet Security 2011, XP Smart Security, Windows Crucial Scanner, Windows Profound Security, Home Malware Cleaner, Windows Private Shield, Windows Stability Guard, Windows Custom Safety, Windows No-Risk Agent, Windows Performance Adviser, Windows Malware Sleuth, Windows Activity Debugger, Windows PC Aid, Windows Proprietary Advisor, Windows First-Class Protector, Windows Pro Safety, Windows Safety Toolkit, Windows Secure Surfer, Windows Antivirus Machine, PrivacyGuard PRO, Windows Antivirus Care, Windows Smart Warden, Windows Software Keeper, Windows Process Director, Virus Doctor, Windows Premium Guard, Windows Pro Rescuer, Windows Protection Master, Windows Maintenance Suite, Windows Interactive Safety, Windows Custodian Utility, Windows Interactive Security, Windows Pro Defence, Additional Guard, Strong Malware Defender, Windows Debug Center, Windows Privacy Counsel, Windows Guard Tools, My Security Engine, Windows 
Advanced User Patch, Windows Safety Maintenance, Windows Security System, Windows Basic Antivirus, Windows Personal Doctor, Live Enterprise Suite, Home Safety Essentials, Windows Safety Series, Anti-Malware Lab, Windows Health Keeper, Windows Shielding Utility, Smart Engine, Extra Antivirus, Windows Antivirus Rampart, Smart Anti-Malware Protection, Windows Threats Destroyer, Windows Guardian Angel, Windows Care Taker, Keep Center Keeper, Windows AntiHazard Helper, System Protection Tools, Security Master AV, Internet Security Essentials, Windows Safety Wizard, Windows Risk Minimizer, Windows Managing System, Windows Active Guard, Windows Virus Hunter, Best Malware Protection, Windows AntiHazard Center, Windows Firewall Constructor, Windows Safeguard Upgrade, Windows Instant Scanner, Windows Web Combat, Windows Sleek Performance, Windows System Defender, Windows Warding System, Windows Secure Web Patch, Windows Protection Maintenance, Windows Premium Console, Personal Security Sentinel, Windows Protection Unit, Windows Active Defender, Windows Pro Web Helper, Total Anti Malware Protection, Windows Ultimate Security Patch, Windows Be-on-Guard Edition, Windows Anti-Malware Patch, Enterprise Suite, My Security Shield, Windows Software Saver, Windows Security Renewal, Fast Antivirus 2009, Windows Enterprise Suite, Windows Virtual Angel, Windows Efficiency Accelerator, Windows Privacy Extension, My Security Wall, Windows Tools Patch, Windows Virtual Firewall, Windows No-Risk Center, Windows Internet Booster, Windows Defence Counsel, Windows PRO Scanner, Windows Guard Solutions, Smart Virus Eliminator, Windows Expert Series, Windows Premium Defender, Windows Pro Solutions, Windows Proactive Safety, Smart Internet Protection 2011, Windows Safety Manager, Volcano Security Suite, Windows Defending Center, Windows Smart Partner, Antivirus Smart Protection, Windows Safety Module, Windows Maintenance Guard, Windows Problems Stopper, Windows Multi Control System, Windows Web 
Commander, Windows Telemetry Center, Best Antivirus Software, Windows Enterprise Defender, Activate Ultimate Protection, Windows Secure Workshop, Windows Antivirus Release, Windows Control Series and Windows Custom Management. Although some variants of Win32/FakeVimes-based rogue anti-virus programs differ slightly in appearance, SpywareRemove.com malware researchers have found that recent variants like Windows Safety Checkpoint are always identifiable by fake features like ‘anti-phishing,’ an ‘Advanced Process Control,’ an ‘All-In-One Suite,’ an anti-virus scanner and various pop-up alerts.
System scans, pop-ups and other forms of information that are provided by Windows Safety Checkpoint will always try to portray your PC as being under attack by an unrealistically large quantity of high-level PC threats, but such warnings can be safely ignored as fraudulent. Besides being incapable of detecting real Trojans, viruses or other PC threats, Windows Safety Checkpoint is also incapable of deleting any type of malicious software – even if you waste money on its purchasable version. Nevertheless, SpywareRemove.com malware experts note that registering Windows Safety Checkpoint for free with the code ‘0W000-000B0-00T00-E0020’ can sometimes be useful for removing Windows Safety Checkpoint with less interference.
The Full Checklist of Windows Safety Checkpoint’s Aggressions
Fake security pop-ups, system scans and similar types of inaccurate system analyses can always be considered Windows Safety Checkpoint’s raison d’être, but some functions of Windows Safety Checkpoint that are secondary to its primary purpose can actually be of greater danger than its primary attacks. Like other fake anti-virus applications based on Win32/FakeVimes, Windows Safety Checkpoint may also enact hostile behavior against legitimate security programs and some Windows features, such as:
- Windows Safety Checkpoint may disable the UAC, which SpywareRemove.com malware experts stress is a high-priority security attack that allows PC threats like Windows Safety Checkpoint to make unauthorized changes to your computer.
- Windows Safety Checkpoint may hijack your web-browsing activities, especially for the sake of redirecting you from reputable search engines to suspicious or outright hostile ones. Such hijacks are likely to function in all types of web browsers due to a Trojan changing the Hosts file.
- Windows Safety Checkpoint may also prevent you from using real security programs, including Task Manager, while Windows Safety Checkpoint is active. In cases where this prevents you from running an anti-malware scan to delete Windows Safety Checkpoint, SpywareRemove.com malware analysts can recommend Safe Mode, a boot from a network-shared drive or a boot from a removable drive to launch Windows without Windows Safety Checkpoint getting in the way.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
- The following files were created in the system:

| # | File Name | Detection Count |
|---|-----------|-----------------|
| 1 | %APPDATA%\Protector-ucxk.exe | 710 |
| 2 | %APPDATA%\Protector-obux.exe | 555 |
| 3 | Windows Safety Checkpoint.lnk | 183 |
| 4 | %AppData%\Inspector-[RANDOM CHARACTERS].exe | N/A |
| 5 | %AppData%\Protector-[RANDOM CHARACTERS].exe | N/A |
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to back up your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following registry values were newly created:
  - HKEY..\..\{Value}
    - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
    - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
    - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
    - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
    - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
    - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
    - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
  - HKEY..\..\..\..{Subkeys}
    - HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
    - HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
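An added example (not SpywareRemove's code): a read-only Python triage of `reg export` text for the file-name and registry indicators listed above. The sample export is constructed, and treating a `Debugger` value under an Image File Execution Options subkey as the blocking mechanism is an assumption, since the page lists only the subkeys.

```python
import re
# File-name pattern from the page's file table: Protector-/Inspector-[RANDOM CHARACTERS].exe
DROPPER = re.compile(r"\\(?:Protector|Inspector)-[A-Za-z0-9]+\.exe", re.I)
RUN_KEY = r"hkey_current_user\software\microsoft\windows\currentversion\run"
SETTINGS_KEY = r"hkey_current_user\software\microsoft\windows\currentversion\settings"
IFEO = r"hkey_local_machine\software\microsoft\windows nt\currentversion\image file execution options" + "\\"

def parse_reg(text):
    """Parse `reg export` text into {key_path: {value_name: raw_data}}."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1], {})
        elif current is not None and line.startswith('"') and '"=' in line:
            name, data = line[1:].split('"=', 1)
            # String data is quoted with doubled backslashes; dword/hex data is left as-is.
            current[name] = data.strip('"').replace("\\\\", "\\")
    return keys

def triage(text):
    """Return (kind, name, detail) tuples for indicators matching the page's lists."""
    findings = []
    for key, values in parse_reg(text).items():
        k = key.lower()
        if k == RUN_KEY:
            for name, data in values.items():
                if name == "Inspector" or DROPPER.search(data):
                    findings.append(("autorun", name, data))
        elif k == SETTINGS_KEY:
            marks = sorted(set(values) & {"ID", "net", "UID"})
            if marks:
                findings.append(("settings-marker", key, ",".join(marks)))
        elif k.startswith(IFEO) and "Debugger" in values:  # assumption: Debugger hijack
            findings.append(("ifeo-debugger", key.rsplit("\\", 1)[1], values["Debugger"]))
    return findings

# Constructed sample export (user name, paths and Debugger data are made up).
SAMPLE = r'''Windows Registry Editor Version 5.00
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Inspector"="C:\\Users\\alice\\AppData\\Roaming\\Protector-abcd.exe"
"OneDrive"="C:\\Program Files\\OneDrive\\OneDrive.exe /background"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings]
"net"="2012-2-17_2"
"UID"="rudbxijemb"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe]
"Debugger"="svchost.exe"
'''
if __name__ == "__main__":
    print(*triage(SAMPLE), sep="\n")
```

`reg export` writes UTF-16 text, so open the exported file with `encoding="utf-16"` before passing its contents to `triage`.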
Additional Information
- The following messages were detected:
  1. Error
     Trojan activity detected. System data security is at risk.
  2. Warning
     Firewall has blocked a program from accessing the Internet
     C:\program files\internet explorer\iexplore.exe is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Posted: April 27, 2012 | By SpywareRemove
Threat Level: 10/10
Detection Count: 26