Windows Safety Manager
Windows Safety Manager Description
Far from being a guardian of your computer’s safety, Windows Safety Manager is a rogue anti-virus application that creates fake security alerts for the purposes of making its nonexistent services seem needed, as well as using a selection of other attacks that directly reduce your PC security. Symptoms of a Windows Safety Manager infection can include pop-up alerts, search engine hijacks, disabled Windows security features and problems with launching or running PC security programs. SpywareRemove.com malware researchers suggest that you do your best to identify and ignore fake alerts and other attempts at deceit that Windows Safety Manager may throw your way, and remove Windows Safety Manager with the same types of anti-malware programs that you would bring to bear against any virus, worm or Trojan.Windows Safety Manager – a New Brand Name Wrapped Around a Well-Used Threat
Windows Safety Manager may want to convince you that Windows Safety Manager is an original and helpful anti-virus program, but SpywareRemove.com malware researchers have corroborated its existence as nothing more than a clone of other PC threats from FakeVimes. Identical clones of Windows Safety Manager that exhibit equally harmful characteristics include but aren’t limited to Windows Virtual Angel, Strong Malware Defender, Windows Safety Maintenance, Windows Process Director, Windows Virus Hunter, Windows Antivirus Patch, Windows Safety Series, Windows Antivirus Machine, Windows Be-on-Guard Edition, Windows Enterprise Suite, Windows Protection Master, Windows Care Taker, Windows Anti-Malware Patch, PC Live Guard, Windows Software Saver, Windows Private Shield, Live PC Care, Internet Security Essentials, Windows Pro Rescuer, Enterprise Suite, XP Smart Security, Windows Custom Safety, Windows Home Patron, Windows Daily Adviser, Windows Maintenance Guard, Windows Control Series, Keep Center Keeper, Smart Virus Eliminator, Windows Malware Sleuth, Windows Interactive Security, Windows Pro Web Helper, Windows Premium Defender, Smart Engine, Windows Risk Minimizer, Windows Managing System, Windows Safety Module, Windows Active Guard, Internet Security Suite, Windows Secure Surfer, Windows Pro Solutions, PrivacyGuard PRO, Windows Shielding Utility, Windows Crucial Scanner, Volcano Security Suite, Windows Secure Workshop, Windows Basic Antivirus, Windows First-Class Protector, Windows Pro Safety Release, Windows Antivirus Rampart, My Security Wall, Windows AntiHazard Center, Windows No-Risk Agent, Windows Virtual Firewall, Activate Ultimate Protection, Windows Ultimate Security Patch, Windows Advanced Toolkit, Windows Premium Console, Windows Protection Maintenance, Windows Smart Partner, Smart Internet Protection 2012, Windows Expert Series, Windows Problems Stopper, Windows Guardian Angel, Windows Efficiency Accelerator, Windows Activity Debugger, Home Malware Cleaner, Windows Trouble Taker, Windows Safeguard Upgrade, Windows Security Suite, Windows Active Defender, Windows Security System, Best Malware Protection, Windows Safety Checkpoint, Windows Enterprise Defender, Personal Internet Security 2011, Antivirus Smart Protection, Windows Threats Destroyer, System Protection Tools, Windows Security Renewal, Windows No-Risk Center, Security Master AV, Windows Custom Management, Home Safety Essentials, Windows Smart Warden, Windows Debug Center, Windows Pro Defence, Extra Antivirus, My Security Shield, Personal Security Sentinel, Windows Warding System, Windows Proprietary Advisor, Windows Shield Tool, Windows Defence Counsel, Windows Safety Wizard, Windows Profound Security, Windows Antivirus Release, Anti-Malware Lab, Windows Performance Catalyst, Windows Advanced User Patch, Total Anti Malware Protection, Windows Privacy Extension, Additional Guard, CleanUp Antivirus, Windows Guard Tools, Windows Secure Web Patch, Windows Telemetry Center, Windows Premium Guard, Windows ProSecurity Scanner, Windows Sleek Performance, Windows Privacy Counsel, Windows AntiHazard Helper, Windows Proactive Safety, Security Antivirus, Windows Functionality Checker, Windows PRO Scanner, Windows Virtual Security, Windows Defending Center, Windows Maintenance Suite, Windows Guard Solutions, Windows Privacy Module, Windows Turnkey Console, Windows PC Aid, Windows Web Combat, Windows Performance Adviser, Windows Instant Scanner, Windows Interactive Safety, Smart Anti-Malware Protection, Windows Tools Patch, Smart Security, Windows Antivirus Care, Best Antivirus Software, Smart Internet Protection 2011, Virus Doctor, My Security Engine, Windows Firewall Constructor, Windows Pro Safety, Windows Multi Control System, VirusSecurity, Windows Health Keeper, Windows Internet Booster, Windows Secure Workstation, Windows ProSecure Scanner, Windows Stability Guard, Windows Software Keeper, Windows Ultimate Safeguard, Fast Antivirus 2009, Windows Advanced Security Center, Windows Personal Doctor, Windows Protection Unit, Windows System Defender, Windows Antihazard Solution, Windows Custodian Utility, Windows Safety Toolkit, Live Enterprise Suite, Windows High-End Protection, Windows Web Commander and Windows Abnormality Checker. Besides looking just like each other, these scamware-based PC threats are also known for reusing their fake warning messages, and you may want to watch out for fake alerts on any Windows Safety Manager-infected computer.
While Windows Safety Manager’s aim is to use its fake system information to threaten you into spending money on buying a purchasable version of its faux security software, SpywareRemove.com malware experts recommend that you keep your money to yourself.
How to Make Sure That Windows Safety Manager Doesn’t Keelhaul Your Real Safety-Enhancing Software
Windows Safety Manager’s fake security functions may be the centerpiece of its hoax as a rogue anti-virus product, but Windows Safety Manager is also equipped with other attacks that can be considered more dangerous to your PC than its pop-ups. Some of Windows Safety Manager’s worst potential security risks include:
- Altered system settings that reduce your Windows and browser security in various ways (such as by disabling invalid signature detection or the UAC).
- Browser redirects that make your web browser lead you to unusual sites or fail to load benign websites. Windows Safety Manager is particularly likely to cause a redirect after you try to use a search engine.
- A thorough security program blockade that prevents you from using anti-malware applications and Windows tools like Task Manager.
Fortunately, all of these issues can be put to a halt by just launching Windows in a way that disables Windows Safety Manager’s automatic startup. For this purpose, SpywareRemove.com malware researchers can recommend Safe Mode or a boot from a removable drive, while afterward, Windows Safety Manager should be removed by a qualified anti-malware program.
Windows Safety Manager Automatic Detection Tool (Recommended)
Is your PC infected with Windows Safety Manager? To safely & quickly detect Windows Safety Manager, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect Windows Safety Manager
What happens if Windows Safety Manager does not let you open SpyHunter or blocks the Internet?
Visual & GUI Characteristics
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read
the tutorials on how to find malware,
kill unwanted processes,
remove malicious DLLs and
delete other harmful files. Always be
sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name Detection Count 1 %APPDATA%\ Protector-hpp.exe 12 2 %SystemDrive%\ Users\ FaquirS\ AppData\ Roaming\ Protector-cyss.exe 12 3 %AppData%\result.db N/A 4 %AppData%\NPSWF32.dll N/A 5 %AppData%\Protector-[RANDOM CHARACTERS].exe N/A 6 %CommonStartMenu%\Programs\Windows Safety Manager.lnk N/A 7 %Desktop%\Windows Safety Manager.lnk N/A
Registry Modifications
Tutorial: To edit and delete registry entries manually, read the tutorial on
how to remove malicious registry entries.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
- The following newly produced Registry Values are:
HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-4-7_2"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "ahwohainwk"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\advxdwin.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswRunDll.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\aswUpdSv.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\atcon.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bidef.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dvp95.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\inetlnfo.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rtvscn95.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tds-3.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winupdate.exe
Additional Information
- The following messages's were detected:
# Message 1 Error
Attempt to modify Registry key entries detected.
Registry entry analysis recommended.2 Warning
Firewall has blocked a program from accessing the Internet
C:\program files\internet explorer\iexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.3 Warning! Spambot detected!
Attention! A spambot sending viruses from your e-mail has been detected on your PC.
Posted: April 17, 2012 | By SpywareRemove
MoreThreat Level: 10/10
(1 votes, average: 5.00 out of 5)
Loading ...Rate this article:
Detection Count: 9
