Windows Passport Utility

Are you wondering why a program called Windows Passport Utility is preventing you from using your PC? The strange name and bad behavior of Windows Passport Utility should be a dead giveaway that this software isn't what Windows Passport Utility claims to be. Windows Passport Utility hopes to convince you that Windows Passport Utility is a security program, so that you will believe Windows Passport Utility's claims that your computer is infected with viruses that only Windows Passport Utility can remove, but the bottom line is that Windows Passport Utility is malware.

Windows Passport Utility is the latest name for a single rogue anti-virus application that has dozens of different names so far, because Windows Passport Utility is literally re-released every day with a new name. Despite the new name, however, Windows Passport Utility doesn't do anything new or different compared to the existing releases of this same rogue anti-virus tool. Most of the symptoms caused by Windows Passport Utility are scare tactics, intended to manipulate you into buying a license for the malware.

Symptoms Caused by Windows Passport Utility

Every time Windows starts, Windows Passport Utility will show up with Windows Passport Utility's fake user interface, and play a scan progress animation, in order to simulate a scan of your computer. Because the scan is completely fake, every time it runs, it will come up with results. Windows Passport Utility will tell you that the only way to remove the "threats" Windows Passport Utility has found is for you to activate Windows Passport Utility's software by paying for a license. In order to make things more convincing, all of this will happen on an interface that uses the Windows name and logo – without permission, of course, because Windows Passport Utility is not affiliated with Microsoft.

After you have waited through the bogus scan and made it to your PC's desktop, Windows Passport Utility will continue to try to scare you into paying for a license, and Windows Passport Utility will hold your computer hostage. The same three security alert messages will appear over and over, warning that lsass.exe, Firefox, and the system registry are the sources of suspicious activity that requires Windows Passport Utility's attention. Again, Windows Passport Utility will tell you that the only way for Windows Passport Utility to secure your computer is for you to go to Windows Passport Utility's website and hand over your credit card number in exchange for a license. As you might expect, there aren't actually any licenses to be had, because Windows Passport Utility is part of a scam.

Even if you aren't convinced by the fake scans and alerts, Windows Passport Utility will hold your computer hostage and try to prevent you from removing Windows Passport Utility's fake security program. All of your other applications, including Task Manager and Regedit, will be disabled by Windows Passport Utility under the pretense that they present some kind of threat. Your web browser will seem to be available, but you will not actually be able to use it to go for help, because Windows Passport Utility will change your Internet settings so that the only website you can visit will be the one that claims to sell Windows Passport Utility licenses. Don't let this ransoming fool you into thinking that paying for Windows Passport Utility would change anything, because it wouldn't. Paying for Windows Passport Utility does not get Windows Passport Utility to leave you alone, and it doesn't aid in removing the malware from your computer.

How Windows Passport Utility Targets and Infects PCs

In order to get you to install Windows Passport Utility, the malware uses a Trojan that simulates Microsoft Security Essentials Alerts, which is commonly referred to as the Fake Microsoft Security Essentials Alert Malware. This Trojan will be hidden in something that you download, such as an infected freeware file, or a fake security program update or codec. Once it is on your computer, the Trojan starts showing fake alerts that look extremely similar to alerts generated by Microsoft Security Essentials. The alerts will tell you that you have a Trojan on your system (other than the one that is causing the alerts) and then offer a program download in order to remove the phony threat. When you agree to download the software offered in the fake alerts, what you get, in this case, is Windows Passport Utility.

The scam that employs Windows Passport Utility (and all of the other fake security programs that are actually a single piece of malware under different names) has been going on since the beginning of 2011. This massive Internet fraud has been traced to an origin in Russia. All of the malware associated with the scam are named in a formulaic way, and the names nearly always contain three words. The first is always "Windows," and then the second and third words in the name are taken from lists. With time, newer and less believable words have been added to these lists, resulting in names like "Windows Passport Utility." The best way to protect yourself from threats like this one, in the future, is to use real, reputable security software. However, since malware in this family is easily spotted by its characteristic naming conventions, it can't hurt to keep an eye out for things that follow the scam's naming formula.