This family of antiviruses is famous at changing names almost daily and using various psychological tricks to boost its “reputation” and force users into paying for a fake program. Windows Easy Warden is promoted using the same simple steps like other parasites from this family:
1. First, one gets infected by Trojan in various infected websites or by downloading a trojan with some kind of supposedly harmless program. These Trojans are responsible for spreading rogues like Windows Easy Warden.
2. Next, one starts seeing a popups that one’s system is infected by Trojans, but Microsoft security Essentials cannot determine what Trojan is it. Note, that the same message is displayed for people that use different antivirus than Microsoft Security Essentials.
3. Once user clicks on fake Microsoft Security Essentials window, it will search for solution online and identify the infection as Trojan.Horse.Win32.PAV.64.a – a completely nonsense name. It will show that a single program can remove this “parasite” – Windows Easy Warden. After reboot, this Windows Easy Warden will be installed on your system.
Kill malicious Processes from Task Manager:
Location of the infection:
- %UserProfile%\Application Data\Microsoft\[random].exe
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = ’1?
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter “Enabled” = ’0?
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’
Although it is possible to manually remove Windows Easy Warden, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend malware and spyware removal applications.