Windows Ultimate Booster

Windows Ultimate Booster Description

Windows Ultimate Booster is a common example of rogue anti-malware programs that change their brand names to avoid being identified by casual PC users while keeping everything else about their ‘products’ the same. Belying its appearance as an anti-malware scanner, Windows Ultimate Booster is unable to find or delete real threats, but will provide fake alerts and fake system scans to the contrary. The intent behind these attacks is to force victims to spend money on Windows Ultimate Booster’s ‘full version,’ but malware researchers recommend the opposite: terminating and then deleting Windows Ultimate Booster with real anti-malware products wherever Windows Ultimate Booster is seen.

Why You Shouldn’t Pay the High Cost of this Anti-Malware ‘Booster’

Windows Ultimate Booster just is one of a very many individual programs associated with the FakeVimes family of scamware, although Windows Ultimate Booster also bears resemblance to the similar family of FakeRean. Whatever its origins might be, Windows Ultimate Booster is a confirmed fake security product that misleads its victims by providing inaccurate pop-up alerts, in addition to faking scans of your PC, which always return ‘infected’ results. Similar fake scans also may be used in other kinds of attacks that could install Windows Ultimate Booster through unsafe websites, as is typical for the FakePAV family.

The meat of Windows Ultimate Booster’s tactic lies in its attempts to make you believe that registering Windows Ultimate Booster, which, of course, costs money, is the easiest way to block and uninstall all of the threats that Windows Ultimate Booster detects.

» Learn more about SpyHunter's Spyware Detection Tool
and steps to uninstall SpyHunter.

However, since malware experts easily verified that Windows Ultimate Booster can’t detect legitimate PC threats of any stripe, there’s no reason to spend your money on Windows Ultimate Booster. Despite its looks, Windows Ultimate Booster should be considered the same as any other threatening program, just like the related Windows Prime Shield, Windows Expert Series, Security Master AV, Activate Ultimate Protection, Windows Efficiency Accelerator, Windows Antibreach Tool, Windows Trouble Taker, Windows Safety Checkpoint, Windows Instant Scanner, Personal Internet Security 2011, Windows Custom Safety, Windows Risk Minimizer, Windows ProSecurity Scanner, Windows Premium Defender, Windows Telemetry Center, Windows Advanced Toolkit, Windows Defence Unit, Additional Guard, Windows Advanced User Patch, Windows Guard Tools, Windows Safety Toolkit, Windows Security System, Windows Web Commander, System Smart Security, Personal Security Sentinel, Windows Software Saver, Windows Pro Defence, Windows Safety Maintenance, Windows Warding System, Windows Anti-Malware Patch, Internet Security Suite, Windows Pro Rescuer, Smart Virus Eliminator, Windows Expert Console, Windows Smart Partner, Windows Cleaning Toolkit, Windows Antihazard Solution, Windows Smart Warden, Windows Protection Maintenance, Windows Security Renewal, Windows Protection Unit, My Security Shield, Windows Premium Console, Smart Engine, Anti-Malware Lab, PC Live Guard, Smart Security, Windows Pro Solutions and My Security Wall.

The Ultimate Boost… into a Software Lockdown

Although Windows Ultimate Booster’s main purpose of existence lies in its fake anti-malware ‘features,’ malware researchers also have a second reason for being concerned with Windows Ultimate Booster: the fact that Windows Ultimate Booster can block other programs. Windows Ultimate Booster is expected to use this attack primarily for supporting its claims of other programs being compromised by threats, but also may deny you any access to important security tools, such as Task Manager, software updaters or a real anti-malware scanner. This particular symptom of a Windows Ultimate Booster infection makes Windows Ultimate Booster an immediate threat to the security of your computer.

Windows Ultimate Booster blocks other programs by monitoring your memory processes and terminating ones with names on its blacklist. While this is effective, it also allows you to ignore it once Windows Ultimate Booster, itself, has been terminated. Malware researchers recommend that you do so through the Safe Mode feature or through rebooting from an emergency OS, which will render removing Windows Ultimate Booster trivial.

Windows Ultimate Booster Automatic Detection Tool (Recommended)

Is your PC infected with Windows Ultimate Booster? To safely & quickly detect Windows Ultimate Booster we highly recommend you run the malware scanner listed below.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
  • The following files were created in the system:
    # File Name Detection Count
    1 %APPDATA%\ svc-mamk.exe 5
    2 Windows Ultimate Booster.lnk 103
    3 %AppData%\data.sec N/A

Registry Modifications

Tutorial: To edit and delete registry entries manually, read the tutorial on how to remove malicious registry entries.

Tip & Warning: Editing and removing the wrong registry keys can severely damage your PC, so remember to backup your Windows Registry! To optimize your Windows Registry and speed up your PC, download RegHunter's registry cleaner.
  • The following newly produced Registry Values are:
    HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon "Shell" = "%AppData%\svc-.exe"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations "LowRiskFileTypes" = ".zip;.rar;.nfo;.txt;.exe;.bat;.com;.cmd;.reg;.msi;.htm;.html;.gif;.bmp;.jpg;.avi;.mpg;.mpeg;.mov;.mp3;.m3u;.wav;"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Attachments "SaveZoneInformation" = 1HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "GuardSoftware" = %AppData%\svc-.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorAdmin" = 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "ConsentPromptBehaviorUser" = 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableLUA" = 0HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system "EnableVirtualization" = 0HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bckd "ImagePath" = "123123.sys"HKEY..\..\..\..{Subkeys}HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\k9filter.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpCmdRun.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MpUXSrv.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\MSASCui.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msconfig.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msseces.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SPPHKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\bckd

Additional Information

  • The following messages's were detected:
    # Message
    System data security is at risk!
    To prevent potential PC errors, run a full system scan.
    Trojan activity detected. System integrity at risk.
    Full system scan is highly recommended.
    3Firewall has blocked a program from accessing the Internet
    C:\Program Files\Internet Explorer\iexplore.exe
    is suspected to have infected your PC.
    This type of virus intercepts entered data and transmits them
    to a remote server.
    4Warning! Identity theft attempt detected
    Hidden connection IP:
    Target: Microsoft Corporation keys
    Your IP:
Posted: January 28, 2014 | By
Rate this article:
1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading ... Loading ...
Threat Metric
Threat Level: 10/10
Detection Count: 225

One Comment

Leave a Reply

What is 11 + 9 ?
Please leave these two fields as-is:
IMPORTANT! To be able to proceed, you need to solve the following simple math (so we know that you are a human) :-)