Severity scale  

Windows Interactive Safety. How to Remove? (Uninstall Guide)

removal by - -   Also known as Windows Interactive Safety | Type: Malware

Windows Interactive Safety is a modified version of FakeVimes group of malwares that are used to deceive PC users into spending their money on its fake licensed version. In order to convince its victims that they should pay the money, Windows Interactive Safety reports multiple infections found on the system and then asks to make a payment in order to get them removed. However, that's just another trick used by scammers to fool PC users and rip them off. In reality, non of these threats are existent and most of these files that are reported by Windows Interactive Safety are important system files needed for normal PC's functionality. As you can see, Windows Interactive Safety works on inventing malicious items and tries to make its victim frightened. If you have also received alert from Windows Interactive Safety, don't waste your time and run a full system scan with reputable anti-spyware program. We recommend Reimage in this case.


Windows Interactive Safety is mostly distributed with a help of trojans that can easily come through security vulnerabilities found. As soon as it gets inside the system, it is set to start together with every system reboot and display perfectly legitimate-looking alerts and scanners. Classically, this program claims that your computer is dangerously infected with various kinds of viruses, like trojans, malware, ransomware, browser hijackers and other threats. However, they should only be ignored and never taken as serious threats. Here are some of the examples of such misleading messages displayed by Windows Interactive Safety:

Warning! Virus Detected
Threat Detected: Trojan-Downloader.Win32.Agent
Security Risk:
Infected File: regedit.exe
Description: Programs classified as Trojan download and install new versions of malicious programs, including Trojans and AdWare, on victim computers.
Please click “remove All” button to erase all infected files and protect your PC

Firewall has blocked a program from accessing the Internet
Internet Explorer
C:\program files\internet explorer\iexpolre.exe
C:\program files\internet explorer\iexpolre.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Please click “Prevent attack” button to prevent all attacks and protect your PC

Be sure that Windows Interactive Safety is entirely dedicated to create the need of its licensed version. In reality, this program is a pure rogue antivirus that seeks to get its victims out of their money. If you have also been receiving alerts from Windows Interactive Safety, be sure to ignore them and never remove these files reported as malware. Besides, you are highly recommended to remove Windows Interactive Safety from the system because it may cause system slow downs, browser redirections and other activity which is unwanted and malicious.


In order to remove Windows Interactive Safety, you should run a full system scan with Reimage reputable anti-malware. If you can't launch it, you can disable this virus with a help of this code: 0W000-000B0-00T00-E0020. After making your virus think that you have already purchased it, run a full system scan with anti-malware again and get rid of Windows Interactive Safety for good.

The latest parasite names used by FakeVimes:
Windows Internet Guard, Windows Web Watchdog, Windows AntiBreach Patrol, Windows Antivirus Patrol, Windows Pro Defence Kit

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use. By downloading any of provided Anti-spyware software you agree with our Privacy Policy and Agreement of Use.
Do it now!
Reimage - remover Happiness
Compatible with Microsoft Windows
What to do if failed?
If you failed to remove infection using Reimage Reimage, submit a question to our support team and provide as much details as possible.
Reimage is recommended to uninstall Windows Interactive Safety. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Reimage is recommended to uninstall Windows Interactive Safety. Free scanner allows you to check whether your PC is infected or not. If you need to remove malware, you have to purchase the licensed version of Reimage malware removal tool.

More information about this program can be found in Reimage review.
Not using OS X? Download a remover for Windows.
Press Mentions on Reimage
Alternate Software
Alternate Software
We are testing Plumbytes's efficiency (2012-08-06 08:31)
Malwarebytes Anti Malware
We are testing Malwarebytes Anti Malware's efficiency (2012-08-06 08:31)
Hitman Pro
Webroot SecureAnywhere AntiVirus
Windows Interactive Safety screenshot
Windows Interactive Safety snapshot

Windows Interactive Safety manual removal

Kill processes:
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
and many more
Delete files:

Removal guides in other languages

Information updated:

Comments on Windows Interactive Safety

Post a comment

Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.

Home page Name


(All fields are required)