I was offered this rouge installer to test by a forum member. I tested it on Win 7 Home Premium 32 bit in Vbox. It,s very interesting. It installs itself without any UAC prompt and opens a fake action centre window. There is a partial bypass when I tried it inside GesWall and DefenceWall latest beta as untrsuted. As long as malware is running, it will not let you open the original Action Centre window. Rather it will open a fake Action Centre window. It,s not a big issue in practice as a system reboot or killing malware via GesWall/ DefnceWall will cure the problem but it,s important in a way that Action centre window is part of explorer.exe( I guess).m Explorer.exe is trusted in Geswall and DefenceWall and should not be affected by an untrusted process. BTW Sandboxie was not bypassed in this aspect.