Windows Easy Warden is a fake antivirus from fake Microsoft Security Essentials family.
This family of antiviruses is famous at changing names almost daily and using various psychological tricks to boost its “reputation” and force users into paying for a fake program. Windows Easy Warden is promoted using the same simple steps like other parasites from this family:1. First, one gets infected by Trojan in various infected websites or by downloading a trojan with some kind of supposedly harmless program. These Trojans are responsible for spreading rogues like Windows Easy Warden.
2. Next, one starts seeing a popups that one’s system is infected by Trojans, but Microsoft security Essentials cannot determine what Trojan is it. Note, that the same message is displayed for people that use different antivirus than Microsoft Security Essentials.
3. Once user clicks on fake Microsoft Security Essentials window, it will search for solution online and identify the infection as Trojan.Horse.Win32.PAV.64.a – a completely nonsense name. It will show that a single program can remove this “parasite” – Windows Easy Warden. After reboot, this Windows Easy Warden will be installed on your system.
4. Windows Easy Warden will stop your desktop from loading and demand that a system scan will be run. The scan will detect various infections that cannot be detected and removed by free version of the rogue and demand payment. If you pay to makers of Windows Easy Warden, consider your credit card details stolen. They will be charged to fund development of future rogues and other illegal activities.
Removal:
Kill malicious Processes from Task Manager:
- <random>.exe
Location of the infection:
- %UserProfile%\Application Data\Microsoft\[random].exe
Registry Entries to be removed. (Take a backup of registry, before editing it)
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = ’1?
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter “Enabled” = ’0?
- HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’
Although it is possible to manually remove Windows Easy Warden, such activity can permanently damage your system if any mistakes are made in the process, as advanced spyware parasites are able to automatically repair themselves if not completely removed. Thus, manual spyware removal is recommended for experienced users only, such as IT specialists or highly qualified system administrators. For other users, we recommend malware and spyware removal applications.
After removing all these files, restart your computer and the issue will be fixed. And don’t forget to do update your Security Software, check the Firewall Settings and the Operating System and finally do a full system scan with the Security Software.
0 comments:
Post a Comment