FAKESPY-A Removal: Remove FAKESPY-A Forever
Let our support team solve your problem with FAKESPY-A and repair FAKESPY-A right now!
Leave the detailed description of your FAKESPY-A problem in the form below. Our support team will contact you in several minutes and give a step-by-step instruction on how to fix FAKESPY-A problem. Please be specific. Do your best describing the problem. This will help us recommend right and complete FAKESPY-A problem removal solution.
Describe your problem here and we'll contact you in several minutes:
Warning:
1) We hate spam as much as you do. We will not share your email with any third party or publish it anywhere. Your email is used only to contact you and give you FAKESPY-A removal solution.
2) All fields of this form are obligatory.
Threat's profile
|
Name of the threat: FAKESPY-A |
| Command or file name: helper.exe |
| Threat type: Trojan |
| Affected OS: Win32 (Windows 9x, Windows XP, Windows Vista) |
FAKESPY-A intrusion method
FAKESPY-A copies its file(s) to your hard disk. Its typical file name is helper.exe. Then it creates new startup key with name FAKESPY-A and value helper.exe. You can also find it in your processes list with name helper.exe or FAKESPY-A.
If you have further questions about FAKESPY-A, please fill in the form above and we'll contact you shortly.
» Download program to remove FAKESPY-A (FAKESPY-A Removal Tool)
Recommended Solution
If you are not sure what to delete, use our award winning program - FAKESPY-A Removal Tool.
FAKESPY-A Removal Tool will find and fully remove FAKESPY-A and all problems associated with FAKESPY-A virus.
Fast, easy, and handy, FAKESPY-A Removal Tool protects your computer against FAKESPY-A that does harm to your computer and breaks your privacy. FAKESPY-A Removal Tool scans your hard disks and registry and destroys any manifestation of FAKESPY-A. Standard anti-virus software can do nothing against malicious programs like FAKESPY-A. Remove FAKESPY-A straight away!
» Download FAKESPY-A Removal Tool now for free
How to fix FAKESPY-A
This problem can be solved manually by deleting all registry keys and files connected with FAKESPY-A, removing it from starup list and unregistering all corresponding DLLs. Additionally missing DLL's should be restored from distribution in case they are corrupted by FAKESPY-A.
To get rid of FAKESPY-A, you should:
1. Kill the following processes and delete the appropriate files:
no information
Warning: you should delete only those files which checksums are listed as malicious. There may be valid files with the same names in your system. We recommend you to use FAKESPY-A Removal Tool for safe problem solution.
2. Delete the following malicious folders:
no information
3. Delete the following malicious registry entries and\or values:
no information
Warning: If value is listed for some registry entries, you should only clear these values and leave keys with such values untouched. We recommend you to use FAKESPY-A Removal Tool for safe problem solution.
Here are the descriptions of problems connected with FAKESPY-A and helper.exe we received earlier:
message keeps appearing
Problem Summary: message keeps appearing
This message keeps appearing on my computer:\r\nHPWuschd2exe\r\n\r\nPL how to solve this problem
Our support has contacted the author of this message, Najeh, and helped to solve his problem.
missing dll I think
Problem Summary: missing dll I think
on start up, a pop-up saying \"missing nvsvcStart\" appears on my desktop, i\'m not too sureas to what the problem is can you advise me thankyou.
Our support has contacted the author of this message, Moko, and helped to solve his problem.
system32\\cmd.exe
Problem Summary: system32\\cmd.exe
Dear sir,
When ever i am trying to make some floppy for some software it allways showing me error SYSRTEM32\\CMD.EXE ERROR.I you can tell me how i can solve this problem i will be very thankful to you
Thanks & regards
Rakesh kumar
Our support has contacted the author of this message, rakesh kumar, and helped to solve his problem.
iinvalidactivex
Problem Summary: iinvalidactivex
My computer has unexpected crashes all of the time, even sometimes after I start it back up it crashes again. I used my Norton Systemworks to detect the problem and it can find it but can fix it. It says it is missing or invalid key \"atworkrendering/shell/printto/command refers to an invalid command entry
Our support has contacted the author of this message, radwa, and helped to solve his problem.
missing contacts in the new version of msn only
Problem Summary: missing contacts in the new version of msn only
when i downloaded the new version os win live messengers my contacts were missing i contact them but they didnt reply and i tried to delete the cache folder as they said in their win live help but nothing worked
Our support has contacted the author of this message, radwa, and helped to solve his problem.
helper.exe infected with WORM_VB.KAE
Problem Summary: helper.exe infected with WORM_VB.KAE
Scanned with Trend Micro to find file helper.exe (C:\\WINDOWS\\helper.exe) has been infected with WORM_VB.KAE and can\'t be cleaned with Trend Micro. When I open the folder the file is in, helper.exe can\'t be seen. How do I remove the infection? The helper.exe also appears in my processes list as mentioned in the intrusion method, but no FAKESPY-A.
My system is Windows XP.
Our support has contacted the author of this message, Shirley, and helped to solve his problem.
Invalid ActiveX/com
Problem Summary: Invalid ActiveX/com
My computer has unexpected crashes all of the time, even sometimes after I start it back up it crashes again. I used my Norton Systemworks to detect the problem and it can find it but can fix it. It says it is an Invalid ActiveX/com entry due to my computer missing the file FlashUtil9f.exe. What the heck is my comp\'s problem?
Our support has contacted the author of this message, Cody Mishler, and helped to solve his problem.
virus
Problem Summary: virus
bom dia ! toda vez que inicio meu pc , aparece uma mensagem windos/help/hellper.exe informando que não posso usar o aplicativo em seguida aparece uma tarja preata e branco de uma mensagem securite suite, isso não acontecia meu avast 4.8 detectou algums virus que foram retirados mais mesmo assim ainda continua acontecendo isso,alem de que ele agora demora muito para abrir , quando ligo fica uma mensagem de aguarde na tela do windos, por gentileza me ajudem o que faço , desde já agradecido ....
Our support has contacted the author of this message, Ednilson, and helped to solve his problem.
helper.exe problem
Problem Summary: helper.exe problem
On opening my PC a pop up dialog box with name HELPER.EXE and message \'the system can not find the file specified\'. By pressing the OK button the box doesnt close. But it repeats
Our support has contacted the author of this message, Narasimhan, and helped to solve his problem.
my computer is infected by some dangerous threats so plz hlp
Problem Summary: my computer is infected by some dangerous threats so plz hlp
my computer have zylom games player, worm radar, and coupon.inc
Our support has contacted the author of this message, THEFI, and helped to solve his problem.
Creative product registration popup
Problem Summary: Creative product registration popup
This Creative product registration or CTRegRun.EXE, Gentle reminder wont go away even if i just try to register
Our support has contacted the author of this message, Aleisha, and helped to solve his problem.
C:\\WINDOWS\\Help\\Helper.exe
Problem Summary: C:\\WINDOWS\\Help\\Helper.exe
Everytime I start up Windows XP home Starter pack 2 An error message appears stating that the following file cannot be found.i.e C:\\WINDOWS\\Help\\Helper.exe
How can I remedy this problem...Regards Gregg
Our support has contacted the author of this message, Gregg Stadhams, and helped to solve his problem.
FlashUtil9f.exe
Problem Summary: FlashUtil9f.exe
FlashUtil9f.exe cannot be deleted or modified
Our support has contacted the author of this message, pracha, and helped to solve his problem.
Helper.exe is showing an error message when the system start
Problem Summary: Helper.exe is showing an error message when the system start
Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:12, on 18/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal
Running processes:
C:\\Windows\\system32\\taskeng.exe
C:\\Windows\\system32\\Dwm.exe
C:\\Windows\\Explorer.EXE
C:\\Windows\\System32\\rundll32.exe
C:\\Program Files\\HP\\QuickPlay\\QPService.exe
C:\\Program Files\\Hewlett-Packard\\HP Quick Launch Buttons\\QLBCTRL.exe
C:\\Program Files\\Windows Defender\\MSASCui.exe
C:\\Program Files\\HP\\Digital Imaging\\bin\\HpqSRmon.exe
C:\\Program Files\\HP\\HP Software Update\\hpwuSchd2.exe
C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\HPWAMain.exe
C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\WiFiMsg.exe
C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe
C:\\Program Files\\Alwil Software\\Avast4\\ashDisp.exe
C:\\Windows\\CTREGRUN.EXE
C:\\Program Files\\Windows Sidebar\\sidebar.exe
C:\\Windows\\System32\\rundll32.exe
C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe
C:\\Windows\\ehome\\ehtray.exe
C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe
C:\\Program Files\\Windows Media Player\\wmpnscfg.exe
C:\\Windows\\ehome\\ehmsas.exe
C:\\Program Files\\Hewlett-Packard\\Shared\\HpqToaster.exe
C:\\Windows\\system32\\conime.exe
C:\\Program Files\\Internet Explorer\\ieuser.exe
C:\\Program Files\\Internet Explorer\\iexplore.exe
C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WLLoginProxy.exe
C:\\Program Files\\HP\\Smart Web Printing\\hpswp_clipbook.exe
C:\\Program Files\\Microsoft Office\\Office12\\WINWORD.EXE
C:\\Program Files\\Creative\\Product Registration\\French\\REGISTER.EXE
C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe
C:\\Windows\\System32\\cmd.exe
C:\\Windows\\system32\\SearchFilterHost.exe
C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe
R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_br&c=81&bd=Presario&pf=laptop
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_br&c=81&bd=Presario&pf=laptop
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.6.0_05\\bin\\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\\program files\\google\\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\\Program Files\\Windows Live Toolbar\\msntb.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\\Program Files\\HP\\Smart Web Printing\\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\\Program Files\\Windows Live Toolbar\\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\\program files\\google\\googletoolbar2.dll
O4 - HKLM\\..\\Run: [NvSvc] RUNDLL32.EXE C:\\Windows\\system32\\nvsvc.dll,nvsvcStart
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [NvMediaCenter] RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\\..\\Run: [QPService] \"C:\\Program Files\\HP\\QuickPlay\\QPService.exe\"
O4 - HKLM\\..\\Run: [QlbCtrl] %ProgramFiles%\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start
O4 - HKLM\\..\\Run: [Windows Defender] %ProgramFiles%\\Windows Defender\\MSASCui.exe -hide
O4 - HKLM\\..\\Run: [hpqSRMon] C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe
O4 - HKLM\\..\\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe
O4 - HKLM\\..\\Run: [HP Software Update] C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe
O4 - HKLM\\..\\Run: [hpWirelessAssistant] C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\HPWAMain.exe
O4 - HKLM\\..\\Run: [WAWifiMessage] C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\WiFiMsg.exe
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\"
O4 - HKLM\\..\\Run: [avast!] C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe
O4 - HKLM\\..\\Run: [Adobe Reader Speed Launcher] \"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"
O4 - HKLM\\..\\Run: [CTRegRun] C:\\Windows\\CTRegRun.EXE
O4 - HKCU\\..\\Run: [Sidebar] C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun
O4 - HKCU\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background
O4 - HKCU\\..\\Run: [ehTray.exe] C:\\Windows\\ehome\\ehTray.exe
O4 - HKCU\\..\\Run: [swg] C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe
O4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe
O4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'LOCAL SERVICE\')
O4 - HKUS\\S-1-5-19\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User \'LOCAL SERVICE\')
O4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'NETWORK SERVICE\')
O4 - HKUS\\S-1-5-18\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background (User \'SYSTEM\')
O4 - HKUS\\.DEFAULT\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background (User \'Default user\')
O8 - Extra context menu item: &Windows Live Search - res://C:\\Program Files\\Windows Live Toolbar\\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\PROGRA~1\\MICROS~3\\Office12\\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.6.0_05\\bin\\ssv.dll
O9 - Extra \'Tools\' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.6.0_05\\bin\\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~3\\Office12\\ONBttnIE.dll
O9 - Extra \'Tools\' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~3\\Office12\\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\\Program Files\\HP\\Smart Web Printing\\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~3\\Office12\\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-00c8b8e6644ec4c4.spaces.live.com/PhotoUpload/VistaMsnPUpldpt-br.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~1\\COMMON~1\\Skype\\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashWebSv.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\\Program Files\\Hewlett-Packard\\HP Quick Launch Buttons\\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\\Program Files\\HP Games\\My HP Game Console\\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\\Program Files\\Hewlett-Packard\\HP Health Check\\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\\Program Files\\Hewlett-Packard\\Shared\\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files\\Common Files\\InstallShield\\Driver\\11\\Intel 32\\IDriverT.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\\Program Files\\CyberLink\\Shared Files\\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\\Windows\\system32\\DRIVERS\\xaudio.exe
--
End of file - 10743 bytes
Our support has contacted the author of this message, Carlos Santos, and helped to solve his problem.
Popular problem: toseeka
Next threat: FAKESPY-B »
Learn more about FAKESPY-A and helper.exe »
« Back to catalog
Solution: 6990
|
