Windows Sleek Performance
Posted: May 9, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 10/10 |
|---|---|
| Infected PCs: | 12 |
| First Seen: | May 9, 2012 |
|---|---|
| Last Seen: | January 8, 2020 |
| OS(es) Affected: | Windows |
Windows Sleek Performance may be quite skillful at performing its intended functions, but the contrast between its presentation and what Windows Sleek Performance really does has led SpywareRemove.com malware researchers to label Windows Sleek Performance as another rogue anti-virus product. Although Windows Sleek Performance is noted for its ability to provide intricate system security-related pop-ups, including warnings about network-based attacks and live PC threats, SpywareRemove.com malware experts have also found that Windows Sleek Performance is equally well-known for gearing all of the above information to be false instead of providing real system diagnostics. As a PC threat that can also cause a range of security issues that include a blockade enacted against unrelated security applications, Windows Sleek Performance should always be deleted promptly and with a trustworthy brand of anti-malware scanner.
The Bumps in Windows Sleek Performance's Path to Fake PC Security
Aesthetically, Windows Sleek Performance acts like a typical anti-virus scanner, with the exception of including an unusual breadth of features, as well as being continuously in a high-alert mode that displays rapid series of fake warning messages and highly inaccurate system scans. Like other rogue anti-virus products Windows Sleek Performance can't provide real PC threat detection, deletion or protection features. However, Windows Sleek Performance will continuously display its fake information once Windows starts up (due to Windows Sleek Performance using a Registry-based exploit that SpywareRemove.com malware researchers have found to force its launch alongside Windows without your consent).
Like every other member of FakeVimes, Windows Sleek Performance's long term goal is to force you to purchase a registration key while Windows Sleek Performance supposedly offers to remove the PC threats that Windows Sleek Performance detects after purchase. However, since Windows Sleek Performance doesn't have any of the anti-virus, anti-malware or general security features that Windows Sleek Performance claims to possess, there's no reason to buy Windows Sleek Performance whatsoever. Despite this, SpywareRemove.com malware analysts note that using the freely-circulated code '0W000-000B0-00T00-E0020' to register Windows Sleek Performance may assist with deleting Windows Sleek Performance from your computer.
Windows Sleek Performance: from Protector to Danger in the Blink of an Eye
In addition to being a digital fraudster, Windows Sleek Performance can also be a direct assailant against your PC and should be deleted with anti-malware programs rapidly to avoid any long term harm. Below you can find some security-related attacks that SpywareRemove.com malware researchers have linked to Windows Sleek Performance and other FakeVimes-based scamware such as Privacy Guard Pro, PrivacyGuard Pro 2.0, Extra Antivirus, Fast Antivirus 2009, Presto TuneUp, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, Live PC Care, PC Live Guard, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus and Smart Security.:
- Online search hijacks to redirect you to unusual or potentially malicious sites.
- Attempts to block you from using security and anti-virus programs that could help remove Windows Sleek Performance.
- Reduced security settings that block UAC services and allow files with invalid signatures to be downloaded without any alerts from Windows.
Technical Details
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
The following files were created in the system:%APPDATA%\Protector-nblr.exe
File name: Protector-nblr.exeSize: 2.41 MB (2410496 bytes)
MD5: b74e6fe1039d704e9183e44b72779f35
Detection count: 90
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: May 9, 2012
Protector-mjga.exe
File name: Protector-mjga.exeSize: 2.36 MB (2367488 bytes)
MD5: f730bbae7b36bd5a69c663674c0710c2
Detection count: 65
File type: Executable File
Mime Type: unknown/exe
Group: Malware file
Last Updated: January 8, 2020
%APPDATA%\Protector-wjib.exe
File name: Protector-wjib.exeSize: 2.29 MB (2297856 bytes)
MD5: 81a2659d009d86a856c73a24b8f00110
Detection count: 52
File type: Executable File
Mime Type: unknown/exe
Path: %APPDATA%
Group: Malware file
Last Updated: May 9, 2012
%AppData%\result.db
File name: %AppData%\result.dbMime Type: unknown/db
Group: Malware file
%AppData%\NPSWF32.dll
File name: %AppData%\NPSWF32.dllFile type: Dynamic link library
Mime Type: unknown/dll
Group: Malware file
%AppData%\W34r34mt5h21ef.dat
File name: %AppData%\W34r34mt5h21ef.datFile type: Data file
Mime Type: unknown/dat
Group: Malware file
%AppData%\Protector-[RANDOM CHARACTERS].exe
File name: %AppData%\Protector-[RANDOM CHARACTERS].exeFile type: Executable File
Mime Type: unknown/exe
Group: Malware file
%Desktop%\Windows Sleek Performance.lnk
File name: %Desktop%\Windows Sleek Performance.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
%CommonStartMenu%\Programs\Windows Sleek Performance.lnk
File name: %CommonStartMenu%\Programs\Windows Sleek Performance.lnkFile type: Shortcut
Mime Type: unknown/lnk
Group: Malware file
Registry Modifications
HKEY..\..\{Value}HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = "2012-5-6_2"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "UID" = "ungklgkqft"HKEY..\..\..\..{Subkeys}HKEY_CURRENT_USER\Software\Microsoft\WinHKEY_CURRENT_USER\Software\ASProtectHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rscdwld.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\belt.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netspyhunter-1.2.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iface.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winstart.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tcm.exeHKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\alertsvc.exe
Additional Information
| # | Message |
|---|---|
| 1 | Error Attempt to modify Registry key entries detected. Registry entry analysis recommended. |
| 2 | Error Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan. |
| 3 | Warning Firewall has blocked a program from accessing the Internet. Windows Media Player Resources C:\Windows\system32\dllcache\wmploc.dll C:\Windows\system32\dllcache\wmploc.dll is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server. |
| 4 | Warning! Spambot detected! Attention! A spambot sending viruses from your e-mail has been detected on your PC. |
I don't knowe why this started, but I keep getting the message about every 30 seconds and it is when I am trying to do something. How do I get rid of this program?
HOW CAN I GET THIS GOD DAMN PROGRAM OFF MY F-ING COMPUTER???????