Click on screenshot to zoom
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer

Windows Trojans Sleuth

Even if you think your computer is protected with Windows Trojans Sleuth, think again. Though it reports being genuine security software, do not be fooled because it only pretends to be one. This is a rogue, which will surely harm your system and your wallet, so if you care about your computer’s safety, do not hesitate and remove Windows Trojans Sleuth at once.

Windows Trojans Sleuth can enter your system without your knowledge or consent helped by a Trojan which sneaks into your computer through hacked websites. Quite often you can be sure that Windows Trojans Sleuth is targeting to infect you, if you see a fake online scanner and the immense amount of bogus threats it reports. One thing for sure, instead of paying attention to the inexistent threats, you should delete Windows Trojans Sleuth from your system, because it will not only keep reporting you the false information but will also keep your computer unprotected from the real danger.

If you think that you can turn a blind eye to the hundreds of fake warning messages that Windows Trojans Sleuth displays, you will surely be unable to neglect its effect on your computer system. It slows your computer and interferes with your internet access, and, unless you use a legitimate security software to remove Windows Trojans Sleuth, it will even crash your system.

UPDATE

Windows Trojans Sleuth pretends to be performing a full system "scan", after which you are informed that your computer is infected with such malicious components as Trojan-IM, Trojan.MSIL.Agent, Trojan-DDoS and others. It might seem that this is true since your computer is acting slow and does not respond well to various issued commands, but Windows Trojans Sleuth is the one making your computing experience unbearable. It damages your computer and then asks to pay for the full version of the program, even though it cannot help you at all.

It is exceptionally frustrating keeping in mind the fact that Windows Trojans Sleuth blocks your executables just like any other rogue from the same Rogue.VirusDoctor family - Windows Trojans Inspector, Windows Attacks Defender, Windows Firewall Constructor and so on. Windows Trojans Sleuth basically locks your computer and holds it a "hostage" until you pay the "ransom", or the activation key, promising that everything will go back to normal once you activate Windows Trojans Sleuth and delete all the malware present.

However, there is an easier way to get rid of fake security notifications and make your executables responsive again. Simply use this activation key to "activate" Windows Trojans Sleuth:

0W000-000B0-00T00-E0020

The rogue will think that you have paid for the full version of the program and for the time being it will stop sending you fake security alerts. This is when you have to grab this chance and remove Windows Trojans Sleuth from your computer for good. Just because you cannot see the rogue, it does not mean it is not there! Windows Trojans Sleuth only waits for another chance to attack you, so your best call would be investing in a reliable antimalware tool that will successfully destroy Windows Trojans Sleuth and protect your computer from similar infections.

Download Spyware Removal Tool to Remove* Windows Trojans Sleuth
  • Quick & tested solution for Windows Trojans Sleuth removal.
  • 100% Free Scan for Windows
disclaimer

How to manually remove Windows Trojans Sleuth

Files associated with infection (Windows Trojans Sleuth):

%Desktop%\Windows Malware Sleuth.lnk
%CommonStartMenu%\Programs\Windows Malware Sleuth.lnk
%AppData%\result.db
%AppData%\Protector-[Random].exe
%AppData%\NPSWF32.dll

Dynamic Link Libraries to remove (Windows Trojans Sleuth):

%AppData%\NPSWF32.dll

Processes to kill (Windows Trojans Sleuth):

%AppData%\Protector-[Random].exe

Remove registry entries (Windows Trojans Sleuth):

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = 2012-3-5_1
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Main\FeatureControl\FEATURE_ERROR_PAGE_BYPASS_ZONE_CHECK_FOR_HTTPS_KB954312
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\antivirus.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\autoupdate.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avpdos32.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\brasil.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\csc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\exe.avxw.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\hbinst.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jdbgmrg.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\mcvsrte.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nav.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\nupgrade.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\pctsTray.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\qh.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SecurityFighter.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\svchostc.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vbust.exe
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\win32us.exe
Disclaimer

Post comment — WE NEED YOUR OPINION!

Comment:
Name:
Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.