Friday, April 27, 2012

Windows Safety Checkpoint malware removal guide

Windows Safety Checkpoint is the latest typical rogue anti-virus based on FakeVimes rogue family interface. It generates fake security alerts and Windows error messages. Get rid of Windows Safety Checkpoint malware: as the rogue is not available for uninstalling. The only opportunity for you to clear the infection is by means of ultimate computer surgery. Please note it is of critical importance for your PC that Windows Safety Checkpoint removal includes both the files of the malware and associated Registry entries.
Download free-scan reliable antimalware with the mission of the adware detection so that it could be exterminated in full. 



Windows Safety Checkpoint snapshot:


Windows Premium Guard activation code (helps removal):
0W000-000B0-00T00-E0020
NOTE: "Activating" Windows Premium Guard is not enough. You need to remove related trojans \ rootkits using reliable malware removal solution.
It is important to fix Windows registry after Windows Premium Guard malware removal using safe registry cleaner software.

Windows Safety Checkpoint manual removal guide:

Delete infected files:
%AppData%\NPSWF32.dll
%AppData%\Protector-[random 3 characters].exe
%AppData%\Protector-[random 4 characters].exe
%AppData%\W34r34mt5h21ef.dat
%AppData%\result.db
%CommonStartMenu%\Programs\Windows Safety Checkpoint.lnk
%Desktop%\Windows Safety Checkpoint.lnk
Delete Windows Safety Checkpoint registry entries:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorAdmin” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorUser” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “EnableLUA” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “2012-4-27_2″
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “tovvhgxtud”
HKEY_CURRENT_USER\Software\ASProtect
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\[random].exe

No comments: