Title: Windows Maintenance Suite
Type:
Also known as: Windows Maintenance Suite

Remove Windows Maintenance Suite
Removal instructions

 
Severity scale:Windows Maintenance Suite severity is 80  (80 / 100)
 

Windows Maintenance Suite is another rogue antispyware that was released by FakeVimes family. Just like its predecessors the program infiltrates into random computer systems using social networks, malicious websites, spam email attachments, etc. As soon as it gets inside the system, the application makes some changes in the Windows Registry which allows Windows Maintenance Suite to perform its further steps.

First of all, you will notice a scanner running on your system after each computer reboot. The program will warn that your system is infected and even show a list of threats that are supposedly harming your system. However, these files are either fake or they belong to your legitimate programs. Removing them can even harm proper functioning of your system. Besides none of the versions of Windows Maintenance Suite can detect or remove any real infections. So your PC is completely unprotected

Additionally, Windows Maintenance Suite uses fake pop up messages which appear on the system out of nowhere and warn about certain system problems. The purpose of these notifications is also to make computer user think that his system has certain security issues. This is a common way rogue programs promote them. You shouldn't take these notifications for real and you should never act they way they tell you. Here's how the look like:

Error
Keylogger activity detected. System information security is at risk.
It is recommended to activate protection and run a full system scan.

Warning
Firewall has blocked a program from accessing the Internet.
Windows Media Player Resources
C:\Windows\system32\dllcache\wmploc.dll
C:\Windows\system32\dllcache\wmploc.dll is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.

It is highly recommended to remove Windows Maintenance Suite using a reliable antispyware program. Just make sure you upgrade it to its newest version. If your Intenret Explorer is blocked, just keep trying again and eventually, you will be able to browse. Do not hesitate as this badware wishes no good for you and it only wants your money. In case you took this scam serious and paid for it, contact your credit card company and dispute the charges as soon as possible. 

The latest parasite names used by FakeVimes:
Windows Internet Guard, Windows Web Watchdog, Windows AntiBreach Patrol, Windows Antivirus Patrol, Windows Pro Defence Kit

Automatic Windows Maintenance Suite removal:

It might be that we are affiliated with any of our recommended products. Full disclosure can be found in our Agreement of Use.
By downloading any of provided Anti-spyware software to remove Windows Maintenance Suite you agree with our Privacy Policy and Agreement of Use.
SpyHunter is recommended remover to uninstall Windows Maintenance Suite. You should confirm using free trial that it detects current version of parasite.

Note: Manual assistance required means that one or all of removers were unable to remove parasite without some manual intervention, please read manual removal instructions below.

If you failed to remove Windows Maintenance Suite using SpyHunter, submit question to our support team and provide as much details as possible.
dot
STOPzilla
download
manual required
We are testing STOPzilla's efficiency at removing Windows Maintenance Suite (2012-06-06 05:01:11)
dot
Malwarebytes Anti Malware
download
manual required
We are testing Malwarebytes Anti Malware's efficiency at removing Windows Maintenance Suite (2012-06-06 05:01:11)
dot
XoftSpySE Anti Spyware
download
manual required
We are testing XoftSpySE Anti Spyware's efficiency at removing Windows Maintenance Suite (2012-06-06 05:01:11)
dot
Defender Pro Ultimate
download
manual required
We are testing Defender Pro Ultimate's efficiency at removing Windows Maintenance Suite (2012-06-06 05:01:11)

what to do if you failed to remove the infection?
Virus Removal
Phone Support
Help Line to remove Windows Maintenance Suite
Windows Maintenance Suite snapshot:
Windows Maintenance Suite snapshot

Windows Maintenance Suite manual removal:

Kill processes:
Protector-[rnd].exe
Delete registry values:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-2-17_2"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "rudbxijemb"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe

Unregister DLLs:
npswf32.dll

Delete files:
%AppData%\Protector-[rnd].exe

QR code for Windows Maintenance Suite removal instructions:

Windows Maintenance Suite qrcode
QR is short for Quick Response. They can be read quickly by the mobile phones. QR codes can store more data than standard barcodes, including url links, geo coordinates, and text.

The reason we add QR code to the website is that parasites like Windows Maintenance Suite are really hard to remove on infected computer. you can quicly scan the QR code with your mobile device and have manual removal instructions to uninstall Windows Maintenance Suite right in your pocket.

Simply use the QR scanner and read removal instructions from mobile device.
Information added: 2012-06-06 05:01:11
Information updated: 2012-06-06 06:09:43

Additional resources:

Attention: If you know know a reputable website reated to security threats, please add a link here: add url

Post Comment:

Attention: Use this form only if you have additional information about Windows Maintenance Suite parasite, its removal instructions, additional resources or behavior. By clicking "post comment" button you agree not to post any copyrighted, unlawful, harmful, threatening, abusive, harassing, defamatory, vulgar, obscene, profane, hateful, racially, ethnically or otherwise objectionable material of any kind.
Home page Name



«


* All field required
Like us on Facebook
Latest spyware news:
Subscribe to spyware news
Please enter your e-mail address:
If you do not want to receive our spyware
newsletter please unsubscribe here
48636 Subscribers
Ask us
I failed to remove Windows Maintenance Suite using SpyHunter.

Email


Close

Spreading the knowledge:

It is very hard to fight against computer parasites on the Internet alone. If you have a website, we would be more than happy if you would like to cooperate and help us spread the information about latest threats. Remember, knowledge is the most powerful weapon. Help your visitors protect their computers!
add text box
rss feed
help other