Windows Maintenance Suite is another rogue antispyware that was released by FakeVimes family. Just like its predecessors the program infiltrates into random computer systems using social networks, malicious websites, spam email attachments, etc. As soon as it gets inside the system, the application makes some changes in the Windows Registry which allows Windows Maintenance Suite to perform its further steps.
First of all, you will notice a scanner running on your system after each computer reboot. The program will warn that your system is infected and even show a list of threats that are supposedly harming your system. However, these files are either fake or they belong to your legitimate programs. Removing them can even harm proper functioning of your system. Besides none of the versions of Windows Maintenance Suite can detect or remove any real infections. So your PC is completely unprotected
Additionally, Windows Maintenance Suite uses fake pop up messages which appear on the system out of nowhere and warn about certain system problems. The purpose of these notifications is also to make computer user think that his system has certain security issues. This is a common way rogue programs promote them. You shouldn't take these notifications for real and you should never act they way they tell you. Here's how the look like:
It is highly recommended to remove Windows Maintenance Suite using a reliable antispyware program. Just make sure you upgrade it to its newest version. If your Intenret Explorer is blocked, just keep trying again and eventually, you will be able to browse. Do not hesitate as this badware wishes no good for you and it only wants your money. In case you took this scam serious and paid for it, contact your credit card company and dispute the charges as soon as possible.
Windows Maintenance Suite manual removal
Delete registry values:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe
Post a comment
Attention: Use this form only if you have additional information about a parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.