Windows custom management is a malicious program that was produced to cheat computer users’ money by deceiving them. The origin of this bogus program is FakeVimes family, which is accountable for most of the malwares and malicious antivirus programs that have been launched recently. The distribution of the program is through pop up warnings that display on your screen out of nowhere. They offer you to run an online scanner and check if your computer is safe.

Once you click on the pop ups, the malicious program will start scanning your computer automatically, or it is good to say that the windows custom management will simulate the process of system scan. Once the scanning is done, the program creates a window which shows a long list of threats which claims that your computer is infected, and all these viruses are damaging your system. The important part to know is that all the files that are displayed as threat by the windows custom management might be genuine program that are required for appropriate operation of windows. So it is absolutely safe to not to try to remove them as you may damage your system. While, sometimes some of those files do not even exist at all.

You will also frequently receive pop up warnings and security alerts, whenever windows custom management runs. This dangerous malicious program makes changes in your windows registry entry values; as a result of which, you receive such pop ups and warnings. Another frustrating thing is that this program disables you to visit any other websites or blocks you to browse the web site. You should remove the harmful windows custom management immediately.

Remove Windows Custom Management Processes

  1. Press the short cut keys CTRL+ALT+DEL to rapidly open the Windows task manager.
  2. Find the tab processes and click on it.
  3. Among the list of all the active processes find the Windows Custom Management Process which is listed below:

Protector-[rnd].exe

  1. Click on process after you locate it and then select the option End process to remove the process completely.

Remove Windows Custom Management Registry key values

  1. Click on Start then click on the option Run.
  2. Type ‘regedit’ and press enter.
  3. Using the left pane of the windows registry editor click on Edit then on Find.
  4. Type the values of registry entries in the search box and press Ok.
  5. Now right click on the found result and press the button Delete.
  6. The registry entries that you must be deleted are:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “ID” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “net” = “2012-2-17_2″

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings “UID” = “rudbxijemb”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avp32.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\_avpcc.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ashDisp.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\divx.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mostat.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\platin.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tapinstall.exe

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zapsetup3001.exe

Remove Windows Custom Management other files

  1. Go to Start > Search > Select the option ‘For files and folders’.
  2. Enter the Windows Custom Management file name and select the option ‘Local hard drives’.
  3. Right click on the found result and press Delete.

%Documents and Settings%\All Users\Start Menu\Programs\Windows Custom Management

%Program Files%\Windows Custom Management

%AppData%\Protector-[rnd].exe

%AppData%\Inspector-[rnd].exe

%Documents and Settings%\All Users\Application Data\Windows Custom Management

%AllUsersProfile%\Application Data\.exe

%UserProfile%\Desktop\Windows Custom Management.lnk

How to remove Windows Custom Management?

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>