Windows malware sleuth is an annoying fake program. Like other fake programs, it spreads through the Trojans and may come along with a bundle of software you downloaded. To gain the money from the user, it pretends to be a legit security tool, but in reality, it is a malicious tool that only harms your computer instead of protecting it. After installing itself illegally on user’s computer, it runs a fake scan of your computer. In result of which, it shows you a list of files that are infected with viruses and asks you to remove them instantly. These files are also bogus just like the application, and the only danger your computer is facing is from the malicious Windows malware sleuth itself.

You can only protect your computer from these malicious and harmful tools by making your computer security tight, so these malicious cannot find any way to cross your security. Avoid downloading software that are not reliable or that are not on the reliable websites. Furthermore, you also need to be extra careful about the spam emails and opening their attachments. If Windows malware sleuth has entered your computer despite of all your strict measures, do not worry, as the following article discusses how to remove Windows Malware Sleuth in detail.

Remove Windows Malware Sleuth processes

  1. To delete the windows malware sleuth processes go to Start and then click on run.
  2. Type taskmgr in the tab named ‘open’ and press Ok. This will cause the Windows task manager to open.
  3. At the top of the task manger window find the tab named ‘processes’ and click on it.
  4. All the active processes are being shown here under the column name ‘image name’. Find the processes Inspector[random].exe and Protector-[3 random characters].exe. Remember all the processes are arranged alphabetically. When you find the required process. Right click on it and select ‘End processes’.

Remove Windows Malware Sleuth DLL file libraries

  1. Click on start button.
  2. Now click on search.
  3. Select the option ‘All files and folders’.
  4. Type the name NPSWF32.dll and press enter.
  5. When the required file is shown, right click on it and then select the option delete.

Remove Windows Malware Sleuth registry entry values

  1. Go to Start then Run.
  2. Type regedit and click Ok.
  3. Select the left from the panes in the registry editor and click on Edit.
  4. Select the option Find and type the registry values there.
  5. On the found registry values click on them and press Delete.
  6. The windows malware sleuth registry values are:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “Inspector”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\adaware.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\belt.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deputy.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\icload95.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\lnetinfo.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mpftray.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\netscanpro.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nssys32.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ozn695m5.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\perswf.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\PskSvc.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SafetyKeeper.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\spoler.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\taskmgr.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbcons.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\winservn.exe “Debugger”

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\zonealarm.exe “Debugger”

Remove Windows Malware Sleuth files

  1. Go to Start then Run.
  2. Type cmd and press Ok.
  3. Enter the complete path of the file with the directory name.
  4. Now type ‘regsvr32 /u [dll_file_name]’ and press enter.
  5. Do not forget to replace dll_file_name with the following files:

%AppData%\Inspector-[random].exe

%AppData%\Protector-[random].exe

%AppData%\NPSWF32.dll

%AppData%\result.db

%UserProfile%\Desktop\Windows Protection Master.lnk

 

How to remove Windows Malware Sleuth?
Tagged on:         

Leave a Reply

Your email address will not be published. Required fields are marked *

You may use these HTML tags and attributes: <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <strike> <strong>