Windows Trojans Sleuth Description

Although Windows Trojans Sleuth resembles an anti-virus program, Windows Trojans Sleuth is actually part of a large group of fake anti-virus programs released in early 2012. These fake security programs belong to a family of rogue security applications that have been attacking computer systems since 2009. This family of malware is known as FakeVimes and is part of a well-known scam. Despite the years that have gone by, there is substantially no difference between Windows Trojans Sleuth and previous versions of this rogue security program. Periodically, criminals release new versions of these malware threats with slight tweaks to the programs’ interface and with different names. This allows criminals to recycle the same malicious code while at the same time staying one step ahead of PC security researchers and anti-malware software.

Windows Trojans Sleuth’s family of rogue security tools is one of the many kinds of rogue anti-virus programs, since Windows Trojans Sleuth does not limit itself to displaying fake error messages; Windows Trojans Sleuth is also capable to take over the infected computer system and to take out any Windows components and software that Windows Trojans Sleuth perceives as threats to its own existence (such as the Windows Registry Editor, Windows System Restore, most anti-virus software, and the Windows Task Manager). Because of this, removing Windows Trojans Sleuth will usually require the computer user to reboot Windows in Safe Mode or to use a CD to boot Windows.

How Windows Trojans Sleuth Tries to Steal Your Money

Windows Trojans Sleuth and its clones, such as Windows Trojans Inspector and Windows Firewall Constructor, basically try to convince inexperienced computer users that their computer system is in severe danger and that only Windows Trojans Sleuth can help them. Although Windows Trojans Sleuth is marketed as a free anti-virus tool, ESG security researchers have detected that Windows Trojans Sleuth doesn’t have the ability to remove or detect malware on a computer system.

This program has been created entirely to scare its victims and to force them to visit its web page repeatedly in an attempt to get them to pay for a ‘full version’ of Windows Trojans Sleuth. Because of this, malware like Windows Trojans Sleuth is often referred to as ’scareware.’ Remember, Windows Trojans Sleuth has no way of fixing your computer and is actually part of a multi-component malware attack on your computer system. To be on the safe side, use a trusty anti-malware tool to remove Windows Trojans Sleuth completely.

Type: Rogue AntiSpyware Programs

How Can You Detect Windows Trojans Sleuth?

Windows Trojans Sleuth Technical Report

As new Windows Trojans Sleuth details are reported by our customers and findings from our Threat Research Center, we will update this section.

Fake message for Windows Trojans Sleuth:

The following fake error message(s) appears for Windows Trojans Sleuth:

Error
Software without a digital signature detected.
Your system files are at risk. We strongly advise you to activate your protection.

Error
Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan.

Error
Potential malware detected.
It is recommended to activate protection and perform a thorough system scan to remove the malware.

Windows Trojans Sleuth Removal Details

Windows Trojans Sleuth has typically the following processes in memory:

• %AppData%\Protector-oak.exe
• %AppData%\NPSWF32.dll

Windows Trojans Sleuth creates the following files in the system:

• %commonprograms%\Windows Trojans Sleuth.lnk
• %desktopdir%\Windows Trojans Sleuth.lnk

Windows Trojans Sleuth creates the following registry entries:

• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Windows Trojan Sleuth”
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run!Inspector

Important Article Disclaimer