Windows Ultimate Booster

Windows Ultimate Booster Description

Windows Ultimate Booster is a common example of rogue anti-malware programs that change their brand names to avoid being identified by casual PC users while keeping everything else about their ‘products’ the same. Belying its appearance as an anti-malware scanner, Windows Ultimate Booster is unable to find or delete real threats, but will provide fake alerts and fake system scans to the contrary. The intent behind these attacks is to force victims to spend money on Windows Ultimate Booster’s ‘full version,’ but malware researchers recommend the opposite: terminating and then deleting Windows Ultimate Booster with real anti-malware products wherever Windows Ultimate Booster is seen.

Why You Shouldn’t Pay the High Cost of this Anti-Malware ‘Booster’

Windows Ultimate Booster is just one of many individual programs associated with the FakeVimes family of scamware, although Windows Ultimate Booster also bears a resemblance to the similar FakeRean family. Whatever its origins might be, Windows Ultimate Booster is a confirmed fake security product that misleads its victims by providing inaccurate pop-up alerts, in addition to faking scans of your PC, which always return ‘infected’ results. Similar fake scans also may be used in other kinds of attacks that could install Windows Ultimate Booster through unsafe websites, as is typical for the FakePAV family.

The meat of Windows Ultimate Booster’s tactic lies in its attempts to make you believe that registering Windows Ultimate Booster, which, of course, costs money, is the easiest way to block and uninstall all of the threats that Windows Ultimate Booster detects.


However, since malware experts easily verified that Windows Ultimate Booster can’t detect legitimate PC threats of any stripe, there’s no reason to spend your money on Windows Ultimate Booster. Despite its looks, Windows Ultimate Booster should be considered the same as any other threatening program, just like the related Windows Efficiency Master, Windows Private Shield, Windows Personal Doctor, VirusSecurity, Windows Maintenance Suite, Windows Premium Shield, Windows Custodian Utility, Windows AntiHazard Center, Windows System Defender, Windows Security Renewal, Windows Abnormality Checker, Windows Antivirus Patrol, My Security Wall, PrivacyGuard PRO, Windows Profound Security, Fast Antivirus 2009, Windows Pro Web Helper, Windows Interactive Security, Windows ProSecurity Scanner, Windows Privacy Counsel, Windows Ultimate Safeguard, Windows Security Booster, Windows Antivirus Booster, Windows Efficiency Accelerator, Total Anti Malware Protection, Windows Secure Surfer, Keep Center Keeper, Windows Antivirus Master, Windows Expert Console, Windows Cleaning Toolkit, Best Malware Protection, Windows Trouble Taker, Windows Malware Sleuth, Windows Antivirus Release, Windows Virtual Firewall, Windows Premium Defender, Windows Pro Solutions, Personal Security Sentinel, Windows Smart Partner, Windows AntiBreach Helper, Windows Internet Guard, Windows Virtual Security, Windows Expert Series, Windows Secure Workstation, Security Antivirus and Windows Enterprise Suite.

The Ultimate Boost… into a Software Lockdown

Although Windows Ultimate Booster’s main purpose of existence lies in its fake anti-malware ‘features,’ malware researchers also have a second reason for being concerned with Windows Ultimate Booster: the fact that Windows Ultimate Booster can block other programs. Windows Ultimate Booster is expected to use this attack primarily for supporting its claims of other programs being compromised by threats, but also may deny you any access to important security tools, such as Task Manager, software updaters or a real anti-malware scanner. This particular symptom of a Windows Ultimate Booster infection makes Windows Ultimate Booster an immediate threat to the security of your computer.

Windows Ultimate Booster blocks other programs by monitoring your memory processes and terminating ones with names on its blacklist. While this is effective, it also allows you to ignore it once Windows Ultimate Booster, itself, has been terminated. Malware researchers recommend that you do so through the Safe Mode feature or through rebooting from an emergency OS, which will render removing Windows Ultimate Booster trivial.


Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    #  File Name                     Detection Count
    1  %APPDATA%\svc-mamk.exe        5
    2  Windows Ultimate Booster.lnk  103
    3  %AppData%\data.sec            N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to back up your Windows Registry!
  • The following Registry values and subkeys are newly created:
    HKEY..\..\{Value}
    HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%AppData%\svc-.exe"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;"
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = 1
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "GuardSoftware" = %AppData%\svc-.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableVirtualization" = 0
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bckd "ImagePath" = "123123.sys"
    HKEY..\..\..\..{Subkeys}
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\k9filter.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpUXSrv.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exe
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPP
    HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bckd
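The registry changes listed above can be checked offline against the text of a `reg export` file. The script below is an added example, not part of the original write-up: the function names, finding labels and sample export are constructed, and it assumes %AppData% expands to a path under \AppData\Roaming\. It covers the Winlogon, Run, UAC policy, Image File Execution Options and bckd service entries, not the attachment-policy values.

```python
import re
# Indicators from the registry list above, lower-cased; finding labels are made up.
HKCU = "hkey_current_user\\software\\microsoft\\windows"
HKLM = "hkey_local_machine\\software\\microsoft\\windows"
IFEO = HKLM + " nt\\currentversion\\image file execution options\\"
IFEO_TARGETS = {"k9filter.exe", "mpcmdrun.exe", "mpuxsrv.exe", "msascui.exe",
                "msconfig.exe", "msmpeng.exe", "msseces.exe"}
UAC_VALUES = ("consentpromptbehavioradmin", "consentpromptbehavioruser",
              "enablelua", "enablevirtualization")
SVC_EXE = re.compile(r"\\appdata\\roaming\\svc-[^\\]*\.exe", re.I)  # assumed expansion

def parse_reg(text):
    """Parse `reg export` text into {key: {value_name: data}}, names lower-cased."""
    keys, current = {}, None
    for line in map(str.strip, text.splitlines()):
        m = re.match(r'"((?:[^"\\]|\\.)*)"=(.*)$', line)
        if line.startswith("[") and line.endswith("]"):
            current = keys.setdefault(line[1:-1].lower(), {})
        elif m and current is not None:
            raw = m.group(2)  # dword:XXXXXXXX or a quoted, backslash-escaped string
            current[m.group(1).lower()] = (int(raw[6:], 16) if raw.startswith("dword:")
                                           else raw.strip('"').replace("\\\\", "\\"))
    return keys

def audit(text):
    keys, hits = parse_reg(text), []
    if "shell" in keys.get(HKCU + " nt\\currentversion\\winlogon", {}):
        hits.append("winlogon-shell-override")  # per-user shell replacement
    run = keys.get(HKCU + "\\currentversion\\run", {})
    hits += [f"run:{n}" for n, d in run.items() if SVC_EXE.search(str(d))]
    uac = keys.get(HKLM + "\\currentversion\\policies\\system", {})
    hits += [f"uac:{v}=0" for v in UAC_VALUES if uac.get(v) == 0]
    hits += [f"ifeo:{k[len(IFEO):]}" for k in keys
             if k.startswith(IFEO) and k[len(IFEO):] in IFEO_TARGETS]
    if "hkey_local_machine\\system\\currentcontrolset\\services\\bckd" in keys:
        hits.append("service:bckd")
    return hits

SAMPLE = r"""
[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"Shell"="C:\\Users\\alice\\AppData\\Roaming\\svc-test.exe"
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"GuardSoftware"="C:\\Users\\alice\\AppData\\Roaming\\svc-test.exe"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system]
"EnableLUA"=dword:00000000
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bckd]
"""  # constructed sample export, not captured from a real machine
print("\n".join(audit(SAMPLE)))
```

For a live host, `reg export HKCU hkcu.reg` writes UTF-16, so read the file with `encoding="utf-16"` before passing its text to `audit`. A hit is a lead to verify against the list above, not proof of infection.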

Additional Information

  • The following messages were detected:
    # Message
    1 System data security is at risk!
      To prevent potential PC errors, run a full system scan.
    2 Trojan activity detected. System integrity at risk.
      Full system scan is highly recommended.
    3 Firewall has blocked a program from accessing the Internet
      C:\Program Files\Internet Explorer\iexplore.exe
      is suspected to have infected your PC.
      This type of virus intercepts entered data and transmits them
      to a remote server.
    4 Warning! Identity theft attempt detected
      Hidden connection IP:
      Target: Microsoft Corporation keys
      Your IP:
Posted: January 28, 2014 | By
Threat Metric
Threat Level: 10/10
Detection Count: 225
