What this infection does :
Basically, Windows Passport Utility is just another bogus anti virus program which uses fraudulent ways to take over your computer and it collaborates with Fake Microsoft Security Essentials to make you believe on itself. When this fake anti-virus program is installed successfully in your computer, it will alert you with a fake Microsoft Security Essential warning and the file name will be ‘Unknown Win32/Trojan’ This fake warning states :
Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials Alert has detected a potential threat that might get your system to risk and damage your computer. Your access to these items may be suspended until you take an action against them. Click on ‘Show details’ to learn more.
The next thing this bogus anti-virus program will be doing is, it will prompt you with another fake warning and this time you will be asked to run a system scan on your computer. This program will notify you again and again until you implement upon what’s been said. The fake warning will inform you that a file name Trojan.Horse.Win32.PAV.64.a has been detected and in order to remove it from your system, you must install Widows passport Utility program, the text of this program is :
Threat prevention solution found :
Security System Analysis has detected critical file system vulnerability caused by severe malware programs.
Risk of system file infection :
The detected vulnerability may result in unauthorized access to private information and hard drive data with a serious possibility of irreversible data loss and unstable PC performance. To remove the malware please run a full system scan. Press ‘OK’ to install the software necessary to initiate system files check. To complete the installation process please reboot your computer.
When you’ll hit ‘OK’ the infection will start to download and install Windows Passport Utility and without even asking you, your system will be restarted in front of your eyes.
When your computer reboots and comes back into action, you will be witnessing a new type of window just before your desktop and that’s Windows Passport Utility screen. It will prompt you with another fake warning that your computer is at a stake to get damaged anytime and you have to run a full system scan in order to catch all the viruses. You can get your old desktop back by closing this bogus anti-virus program and once it is over with those fraudulent scan tests. I’m sure you might have figured out yourself that this is a scam program and it uses your mentality and tricks you to buy its full version. It goes without saying that you should never buy such programs online that have got no background calibre.
While the program is busy adding all kinds of viruses and Trojans in your computer, it will still prompt you with fake warnings and fraudulent prompt messages. You don’t need to be worried because at the end of this article, you will know how to flush away these kinds of bogus virus programs who pretends to be an ‘anti’ viruses programs. Some of these fake alerts include :
System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.
System component corrupted!
System reboot error has occurred due to lsass.exe system process failure.
This may be caused by severe malware infections.
Automatic restore of lsass.exe backup copy completed.
The correct system performance can not be resumed without eliminating the cause of lsass.exe corruption.
Name: c:\program files\firefox\firefox.exe
Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.
You better not be trusting any one of these warnings because they’re being prompted for a purpose and that I have already disclosed, this is another fraudulent way to steal your credit by making you purchase this bogus virus program. Please, It is my humble request to you all that, ignore these prompted messages and do not agree with any one of them. No matter what comes up, do not forget that you’ve been trapped very badly and your whole system is now infected with numerous types of virus programs.
Information on Rogue Programs & Scareware
View Windows Passport Utility files.
View Windows Passport Utility Registry Information.
Tools Needed for this fix :
Guide Updates :
04/01/11 – Initial guide creation.
Automated Removal Instructions for Windows Passport Utility using Malwarebytes’ Anti-Malware:
1 – It is best that you print out all of these instructions which leads you to the removal of such bogus anti-virus programs because sooner or later we will be closing all the windows and it’ll also include the browser you’re reading this article on.
2 – It is possible that this virus program may have blocked your system’s downloading units and it will not allow you to download any files from now on. You will need another computer to get tools downloaded from which are requested in the guide. You will later on, transfer them to the infected computer and then we will start implementing upon this tutorial. Do as you like, you can transfer the downloaded set of tools via USB cable, C-D or DVD.
3 – The Windows Passport Utility infection will start before you could even witness your personal system desktop. To access, your desktop you must wait till all the fake scanning processes are over and then you can close this program and prepare yourself to download the set of tools. As, below you can see a screenshot of this dangerous virus infection that has an ‘X’ sign on the top right side of its window, you can close this program by hitting ‘X’ Once you close the program, you will be having a normal desktop back again.
Now that your Windows Desktop is available, we can continue with the rest of the removal process.
4 – Before continuing with this virus removal process, I’d ask you all to download ‘Rkill’ software from here which will prevent this Windows Passport Utility to interrupt in between the cleansing process, to get this software click here http://www.bleepingcomputer.com/download/anti-virus/rkill When at the download page, click on the download button labelled iExplore.exe download link. Save it on your desktop (Here I’m talking about saving it on a system which does not have any infections)
5 – Once this program is downloaded, you must double click on the Internet Explorer icon in order to automatically attempt to stop any processes associated with Windows Passport Utility and other bogus programs that are on your system. Please, you need to wait now because Rkill is detecting all the malware and other suspicious programs inside your system. When it has finished, the black colored window will be automatically closed and you can hop to the other step. If you’re prompted with a message that even an ‘Rkill’ is an infection, do not be concerned because the other program has no way to escape from and it is making fake excuses in front of you. Remember, do not agree with this bogus anti virus program at any point to avoid any failure. Please, try running the Rkill until the malware is no longer running, only then you will be allowed to proceed with this guide. Make sure that you don’t reboot your computer after running Rkill as this malware program is most likely to be started again.
If you’re having issues in running this Rkill program abruptly then you can head over to its official website and get another version which works fine. You can get it from here
6 – Next up, you have to fix your Windows Registry Shell Value, if this entry is not fixed then I’m sorry to say that you won’ t be seeing your Windows Desktop, the next time you’ll reboot your computer. Simply, download the following file on your desktop to fix these values immediately, right click on it and select ‘Save as’ Here is the link to it.
7 – Once the shell is downloaded that will take only couple of seconds, double click on it. Windows will ask if you would like data to be merged , please allow it to do so.
8 – I’m pasting a link to Malwarebytes, you must download this software in order to scan and kill all the malicious programs which have been resting in your system ; get it from here
9 – Once this program is downloaded, kindly close all the applications and windows running on your system, including this one.
10 – Now, double click on the MBAM icon located on your desktop with a name ‘mbam-setup.exe.’ This will start the installation of this program on to your computer.
11 – In order to move on with the installation, keep agreeing the prompted messages and make sure you don’t play around with the defaulted settings of this Anti malware program. When the program is finished installing, make sure you leave both the ‘Update Malwarebytes’ and also ‘Launch Malwarebytes’ checked. After this, click on ‘finish’ and then MBAM will ask you to reboot your system, it is recommended to do so.
12 – MBAM will start scanning for malicious and other suspicious programs inside your computer but before that you will be promoted with a message where you would be asked to update this program before going to the system scan, as you’ve had already checked on it, so it is not a problem now and you can click ‘Ok’
13 – You will be directed to the main menu of this program where you would see different types of scans, do not forget to select ‘Perform Full Scan’ and start the scan to kill all the malware programs which were once put into your system by none other than Windows Passport Utility.This scan may take some time so I’d reckon you to keep waiting till it ends itself and do not do anything to interrupt it in between.
14 – When the scan is finished, the program will prompt you with a message box that says ‘The scan is completed successfully. Click Show results to display all infected objects’
15 – You can now click on ‘Show Results’ to know all about the infected files which were caught during the scan. Please note that the infections found may be different from the ones which are being shown on the image down below.
16 – Select all of the infected files in one go and then look around for a button ‘Remove Selected’ this action is the last step towards kicking out all the virus programs out of your system, this is a point of satisfaction for you. Once the ‘Remove Selected’ button is used, the program will start removing all the infected files and registry values from your computer, it will ask you to re-boot your computer in order to go on with this process, kindly press ‘yes’ and let it take its time to finish.
17 – Once you’ve been rebooted, move on with the next steps of this removal guide. Now is the moment when MBAM has finished killing all the infected programs from your computer and it will prompt you with a scan log, a note pad file. Go through it and then you can close it.
18 – You can also exit MBAM now because the work has been done.
Your computer is now virus free and back to what it was, please do not trust any of these fake virus programs which are only meant to be playing with mentality and that’s how they get benefit out of others, I’m sure there are million of scammers out there working upon the same purpose and sometimes you can’t really figure out that whether or not a program is a scam or not. You need to keep a high-profile anti-virus program installed in your system with real time protection. I’d reckon you to buy Pro version of Malwarebytes Anti-malware program from here