Home & Home OfficeBusinessPartnersClubAbout Security Stronghold

How to Remove FAKESPY-A

Trojans is one of the most wide-spread threat in the internet. They can spread in lot of ways (torrents, e-mail attachments, video codecs etc.). FAKESPY-A as well as any other trojan can harm your PC in different ways. Originally, trojans stole just your e-mail contacts and some personal data. Nowadays, they can steal any type of private information, being serious threat. In this tutorial we will show how to deal with FAKESPY-A detect and remove it from your PC.

Choose option :

* FAKESPY-A description and technical details.

* Manual removal of FAKESPY-Al.

* Professional support that will help you remove FAKESPY-A from our Security Support Team.

Never blindly type commands that others advise you to type even when you have a decent FAKESPY-A removal tool installed if you don't wish to remove FAKESPY-As after. Don't be assured too much in your anti badware as some of them do not defend from FAKESPY-As as purposely oriented FAKESPY-A removal tools do. Stranger applications can be setup on your machine if you don't remove FAKESPY-A or at the least perform FAKESPY-A removal procedure. Don't be unillusioned with FAKESPY-A as it uses your believe after what there a dure necessity to remove FAKESPY-A happens. Do not wait until FAKESPY-As will transform your PC into a ill-intentioned Internet mail spreader. Security Stronghold company designed a advanced FAKESPY-A removal tool that will help you to remove FAKESPY-As once and forever.


Threat indicator: HIGH

Trojan's detail table

Trojan alias:

Executable file:

Threat class:

Affected OS:

FAKESPY-A

helper.exe

Trojan

Win32 (Windows 9x, Windows XP, Windows Vista, Windows Seven)



FAKESPY-A infiltration

As we already said there numerous ways trojan can get to your PC from the internet. FAKESPY-A copies its file(s) to your hard disk. File name typical to FAKESPY-A is helper.exe. Then it runs itself and creates new startup key in registry with name FAKESPY-A and value helper.exe. If you will look into running processes list you will see some extra process with name like helper.exe or any random name that uses decent amount of your CPU.

If you would like to remove FAKESPY-A use Automatic Trojan Removal

So what is FAKESPY-A Removal Tool? Basically, it is the tool that will remove every file and registry key that was created by FAKESPY-A. It was created after analyzing all versions and types of this threat on test PCs and every file and key was added to the database. Removal Tool is updated regularly to make sure it can remove latest versions of FAKESPY-A. If you already our customer (purchased any product of ours previously) you can request this tool for free in the form below providing your orger number in description:

Download FREE FAKESPY-A Removal Tool

Please take 1 second to show that you like our solution - click on this Facebook button:

How to remove FAKESPY-A manually?

During all time since adding FAKESPY-A to our database we track it changes and add them in the list below, removing files mentioned from your hard drive and deleting them from starup list and also unregistering all corresponding DLLs will result cleaning your computer drom the trojan. But also, missing DLL's that can be removed or corrupted by FAKESPY-A should be restored from your Windows CD .

So, here is the simple process to remove FAKESPY-A:

1. Delete following processes form startup and files from your hard drive:

no information

2. Delete the following folders that are assosiated with FAKESPY-A:

no information

3. Finally, remove this registry keys:

no information

Warning: Sometimes, trojan can use system file names or randomly generated names for its executable. We recommend you to use Download FREE FAKESPY-A Removal Tool

If you are already our customer or you have additional questions ask our support team for help in removing FAKESPY-A!

Write a few words of how you got FAKESPY-A with all circunstances in the form below. Our support team open support ticket for you in an hour and we will start solving your problem with FAKESPY-A. Attach suspicious files that you see that possibly a part of FAKESPY-A.

Click to ask professional of FAKESPY-A solution

Describe your problem here and we'll contact you in several minutes:

We'll reply you in 10 minutes or less
* Your Name:
* Your E-mail:
* Problem summary:
* Detailed description:
Attach suspicious file:
Here you can attach file you suspect to be virus or source of problem. If you want to attach several files, put them into one archive and attach it instead.

Click on this button to submit request.

Solution guaranteed!

 

It is important:

  1. We hate spam as much as you do. We will not share your email with any third party or publish it anywhere. Your email is used only to contact you and give you FAKESPY-A removal solution.
  2. All fields of this form are obligatory.

Here are the descriptions of problems connected with FAKESPY-A and helper.exe we received earlier:

Problem Summary: message keeps appearing

This message keeps appearing on my computer:\r\nHPWuschd2exe\r\n\r\nPL how to solve this problem

Our support team contacted Najeh with the solution of the problem described.

Problem Summary: missing dll I think

on start up, a pop-up saying \"missing nvsvcStart\" appears on my desktop, i\'m not too sureas to what the problem is can you advise me thankyou.

The problem of Moko was resolved by our support team.

Problem Summary: system32\\cmd.exe

Dear sir,

When ever i am trying to make some floppy for some software it allways showing me error SYSRTEM32\\CMD.EXE ERROR.I you can tell me how i can solve this problem i will be very thankful to you

Thanks & regards
Rakesh kumar

We examined this request and answered rakesh kumar by email.

Problem Summary: iinvalidactivex

My computer has unexpected crashes all of the time, even sometimes after I start it back up it crashes again. I used my Norton Systemworks to detect the problem and it can find it but can fix it. It says it is missing or invalid key \"atworkrendering/shell/printto/command refers to an invalid command entry


Reply of our support team was forwarded to radwa via email.

Problem Summary: missing contacts in the new version of msn only

when i downloaded the new version os win live messengers my contacts were missing i contact them but they didnt reply and i tried to delete the cache folder as they said in their win live help but nothing worked

We worked out the solution of descirbed problem and sent our suggestions to radwa.

Problem Summary: helper.exe infected with WORM_VB.KAE

Scanned with Trend Micro to find file helper.exe (C:\\WINDOWS\\helper.exe) has been infected with WORM_VB.KAE and can\'t be cleaned with Trend Micro. When I open the folder the file is in, helper.exe can\'t be seen. How do I remove the infection? The helper.exe also appears in my processes list as mentioned in the intrusion method, but no FAKESPY-A.
My system is Windows XP.

Shirley received email with possible solutions of his problem.

Problem Summary: Invalid ActiveX/com

My computer has unexpected crashes all of the time, even sometimes after I start it back up it crashes again. I used my Norton Systemworks to detect the problem and it can find it but can fix it. It says it is an Invalid ActiveX/com entry due to my computer missing the file FlashUtil9f.exe. What the heck is my comp\'s problem?

Several possible methods of solving the problem mentioned by Cody Mishler were sent to the provided email address.

Problem Summary: virus

bom dia ! toda vez que inicio meu pc , aparece uma mensagem windos/help/hellper.exe informando que não posso usar o aplicativo em seguida aparece uma tarja preata e branco de uma mensagem securite suite, isso não acontecia meu avast 4.8 detectou algums virus que foram retirados mais mesmo assim ainda continua acontecendo isso,alem de que ele agora demora muito para abrir , quando ligo fica uma mensagem de aguarde na tela do windos, por gentileza me ajudem o que faço , desde já agradecido ....

Our support team answered the request of Ednilson by email.

Problem Summary: helper.exe problem

On opening my PC a pop up dialog box with name HELPER.EXE and message \'the system can not find the file specified\'. By pressing the OK button the box doesnt close. But it repeats

Narasimhan, please check your email for our answer.

Problem Summary: my computer is infected by some dangerous threats so plz hlp

my computer have zylom games player, worm radar, and coupon.inc

THEFI, we sent the solution of this problem to your mailbox.

Problem Summary: Creative product registration popup

This Creative product registration or CTRegRun.EXE, Gentle reminder wont go away even if i just try to register

Our support team contacted Aleisha with the solution of the problem described.

Problem Summary: C:\\WINDOWS\\Help\\Helper.exe

Everytime I start up Windows XP home Starter pack 2 An error message appears stating that the following file cannot be found.i.e C:\\WINDOWS\\Help\\Helper.exe
How can I remedy this problem...Regards Gregg

The problem of Gregg Stadhams was resolved by our support team.

Problem Summary: FlashUtil9f.exe

FlashUtil9f.exe cannot be deleted or modified

We examined this request and answered pracha by email.

Problem Summary: Helper.exe is showing an error message when the system start

Logfile of Trend Micro HijackThis v2.0.2
Scan saved at 18:26:12, on 18/06/2008
Platform: Windows Vista (WinNT 6.00.1904)
MSIE: Internet Explorer v7.00 (7.00.6000.16681)
Boot mode: Normal

Running processes:
C:\\Windows\\system32\\taskeng.exe
C:\\Windows\\system32\\Dwm.exe
C:\\Windows\\Explorer.EXE
C:\\Windows\\System32\\rundll32.exe
C:\\Program Files\\HP\\QuickPlay\\QPService.exe
C:\\Program Files\\Hewlett-Packard\\HP Quick Launch Buttons\\QLBCTRL.exe
C:\\Program Files\\Windows Defender\\MSASCui.exe
C:\\Program Files\\HP\\Digital Imaging\\bin\\HpqSRmon.exe
C:\\Program Files\\HP\\HP Software Update\\hpwuSchd2.exe
C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\HPWAMain.exe
C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\WiFiMsg.exe
C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe
C:\\Program Files\\Alwil Software\\Avast4\\ashDisp.exe
C:\\Windows\\CTREGRUN.EXE
C:\\Program Files\\Windows Sidebar\\sidebar.exe
C:\\Windows\\System32\\rundll32.exe
C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe
C:\\Windows\\ehome\\ehtray.exe
C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe
C:\\Program Files\\Windows Media Player\\wmpnscfg.exe
C:\\Windows\\ehome\\ehmsas.exe
C:\\Program Files\\Hewlett-Packard\\Shared\\HpqToaster.exe
C:\\Windows\\system32\\conime.exe
C:\\Program Files\\Internet Explorer\\ieuser.exe
C:\\Program Files\\Internet Explorer\\iexplore.exe
C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WLLoginProxy.exe
C:\\Program Files\\HP\\Smart Web Printing\\hpswp_clipbook.exe
C:\\Program Files\\Microsoft Office\\Office12\\WINWORD.EXE
C:\\Program Files\\Creative\\Product Registration\\French\\REGISTER.EXE
C:\\Windows\\system32\\Macromed\\Flash\\FlashUtil9f.exe
C:\\Windows\\System32\\cmd.exe
C:\\Windows\\system32\\SearchFilterHost.exe
C:\\Program Files\\Trend Micro\\HijackThis\\HijackThis.exe

R1 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Page_URL = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_br&c=81&bd=Presario&pf=laptop
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Main,Start Page = http://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=en_br&c=81&bd=Presario&pf=laptop
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,SearchAssistant =
R0 - HKLM\\Software\\Microsoft\\Internet Explorer\\Search,CustomizeSearch =
R0 - HKCU\\Software\\Microsoft\\Internet Explorer\\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O2 - BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\\Program Files\\Common Files\\Adobe\\Acrobat\\ActiveX\\AcroIEHelper.dll
O2 - BHO: NCO 2.0 IE BHO - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - (no file)
O2 - BHO: SSVHelper Class - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\\Program Files\\Java\\jre1.6.0_05\\bin\\ssv.dll
O2 - BHO: (no name) - {7E853D72-626A-48EC-A868-BA8D5E23E045} - (no file)
O2 - BHO: Auxiliar de Conexão do Windows Live - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\\Program Files\\Common Files\\Microsoft Shared\\Windows Live\\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - c:\\program files\\google\\googletoolbar2.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\\Program Files\\Windows Live Toolbar\\msntb.dll
O2 - BHO: HP Print Clips - {FFFFFFFF-FF12-44C5-91EC-068E3AA1B2D7} - c:\\Program Files\\HP\\Smart Web Printing\\hpswp_framework.dll
O3 - Toolbar: (no name) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - (no file)
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\\Program Files\\Windows Live Toolbar\\msntb.dll
O3 - Toolbar: &Google - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - c:\\program files\\google\\googletoolbar2.dll
O4 - HKLM\\..\\Run: [NvSvc] RUNDLL32.EXE C:\\Windows\\system32\\nvsvc.dll,nvsvcStart
O4 - HKLM\\..\\Run: [NvCplDaemon] RUNDLL32.EXE C:\\Windows\\system32\\NvCpl.dll,NvStartup
O4 - HKLM\\..\\Run: [NvMediaCenter] RUNDLL32.EXE C:\\Windows\\system32\\NvMcTray.dll,NvTaskbarInit
O4 - HKLM\\..\\Run: [QPService] \"C:\\Program Files\\HP\\QuickPlay\\QPService.exe\"
O4 - HKLM\\..\\Run: [QlbCtrl] %ProgramFiles%\\Hewlett-Packard\\HP Quick Launch Buttons\\QlbCtrl.exe /Start
O4 - HKLM\\..\\Run: [Windows Defender] %ProgramFiles%\\Windows Defender\\MSASCui.exe -hide
O4 - HKLM\\..\\Run: [hpqSRMon] C:\\Program Files\\HP\\Digital Imaging\\bin\\hpqSRMon.exe
O4 - HKLM\\..\\Run: [HP Health Check Scheduler] [ProgramFilesFolder]Hewlett-Packard\\HP Health Check\\HPHC_Scheduler.exe
O4 - HKLM\\..\\Run: [HP Software Update] C:\\Program Files\\Hp\\HP Software Update\\HPWuSchd2.exe
O4 - HKLM\\..\\Run: [hpWirelessAssistant] C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\HPWAMain.exe
O4 - HKLM\\..\\Run: [WAWifiMessage] C:\\Program Files\\Hewlett-Packard\\HP Wireless Assistant\\WiFiMsg.exe
O4 - HKLM\\..\\Run: [SunJavaUpdateSched] \"C:\\Program Files\\Java\\jre1.6.0_05\\bin\\jusched.exe\"
O4 - HKLM\\..\\Run: [avast!] C:\\PROGRA~1\\ALWILS~1\\Avast4\\ashDisp.exe
O4 - HKLM\\..\\Run: [Adobe Reader Speed Launcher] \"C:\\Program Files\\Adobe\\Reader 8.0\\Reader\\Reader_sl.exe\"
O4 - HKLM\\..\\Run: [CTRegRun] C:\\Windows\\CTRegRun.EXE
O4 - HKCU\\..\\Run: [Sidebar] C:\\Program Files\\Windows Sidebar\\sidebar.exe /autoRun
O4 - HKCU\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter
O4 - HKCU\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background
O4 - HKCU\\..\\Run: [ehTray.exe] C:\\Windows\\ehome\\ehTray.exe
O4 - HKCU\\..\\Run: [swg] C:\\Program Files\\Google\\GoogleToolbarNotifier\\1.2.1128.5462\\GoogleToolbarNotifier.exe
O4 - HKCU\\..\\Run: [WMPNSCFG] C:\\Program Files\\Windows Media Player\\WMPNSCFG.exe
O4 - HKUS\\S-1-5-19\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'LOCAL SERVICE\')
O4 - HKUS\\S-1-5-19\\..\\Run: [WindowsWelcomeCenter] rundll32.exe oobefldr.dll,ShowWelcomeCenter (User \'LOCAL SERVICE\')
O4 - HKUS\\S-1-5-20\\..\\Run: [Sidebar] %ProgramFiles%\\Windows Sidebar\\Sidebar.exe /detectMem (User \'NETWORK SERVICE\')
O4 - HKUS\\S-1-5-18\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background (User \'SYSTEM\')
O4 - HKUS\\.DEFAULT\\..\\Run: [msnmsgr] \"C:\\Program Files\\Windows Live\\Messenger\\msnmsgr.exe\" /background (User \'Default user\')
O8 - Extra context menu item: &Windows Live Search - res://C:\\Program Files\\Windows Live Toolbar\\msntb.dll/search.htm
O8 - Extra context menu item: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\\PROGRA~1\\MICROS~3\\Office12\\EXCEL.EXE/3000
O9 - Extra button: (no name) - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.6.0_05\\bin\\ssv.dll
O9 - Extra \'Tools\' menuitem: Sun Java Console - {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - C:\\Program Files\\Java\\jre1.6.0_05\\bin\\ssv.dll
O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~3\\Office12\\ONBttnIE.dll
O9 - Extra \'Tools\' menuitem: S&end to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\\PROGRA~1\\MICROS~3\\Office12\\ONBttnIE.dll
O9 - Extra button: HP Smart Select - {58ECB495-38F0-49cb-A538-10282ABF65E7} - c:\\Program Files\\HP\\Smart Web Printing\\hpswp_extensions.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\\PROGRA~1\\MICROS~3\\Office12\\REFIEBAR.DLL
O13 - Gopher Prefix:
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} (Checkers Class) - http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab
O16 - DPF: {2250C29C-C5E9-4F55-BE4E-01E45A40FCF1} (CMediaMix Object) - http://musicmix.messenger.msn.com/Medialogic.CAB
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} (UnoCtrl Class) - http://messenger.zone.msn.com/PT-BR/a-UNO1/GAME_UNO1.cab
O16 - DPF: {7FC1B346-83E6-4774-8D20-1A6B09B0E737} (Windows Live Photo Upload Control) - http://cid-00c8b8e6644ec4c4.spaces.live.com/PhotoUpload/VistaMsnPUpldpt-br.cab
O16 - DPF: {9122D757-5A4F-4768-82C5-B4171D8556A7} (PhotoPickConvert Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/PhtPkMSN.cab
O16 - DPF: {A1F2F2CE-06AF-483C-9F12-D3BAA72477D6} (BatchDownloader Class) - http://appdirectory.messenger.msn.com/AppDirectory/P4Apps/PhotoSwap/DigWXMSN.cab
O16 - DPF: {BFF1950D-B1B4-4AE8-B842-B2CCF06D9A1B} (Zylom Games Player) - http://game08.zylom.com/activex/zylomgamesplayer.cab
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} (MessengerStatsClient Class) - http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} (Minesweeper Flags Class) - http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab
O16 - DPF: {F8C5C0F1-D884-43EB-A5A0-9E1C4A102FA8} (GoPetsWeb Control) - https://secure.gopetslive.com/dev/GoPetsWeb.cab
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\\PROGRA~1\\COMMON~1\\Skype\\SKYPE4~1.DLL
O23 - Service: avast! iAVS4 Control Service (aswUpdSv) - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\aswUpdSv.exe
O23 - Service: avast! Antivirus - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashServ.exe
O23 - Service: avast! Mail Scanner - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashMaiSv.exe
O23 - Service: avast! Web Scanner - ALWIL Software - C:\\Program Files\\Alwil Software\\Avast4\\ashWebSv.exe
O23 - Service: Com4Qlb - Hewlett-Packard Development Company, L.P. - C:\\Program Files\\Hewlett-Packard\\HP Quick Launch Buttons\\Com4Qlb.exe
O23 - Service: GameConsoleService - WildTangent, Inc. - C:\\Program Files\\HP Games\\My HP Game Console\\GameConsoleService.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\\Program Files\\Google\\Common\\Google Updater\\GoogleUpdaterService.exe
O23 - Service: HP Health Check Service - Hewlett-Packard - c:\\Program Files\\Hewlett-Packard\\HP Health Check\\hphc_service.exe
O23 - Service: hpqwmiex - Hewlett-Packard Development Company, L.P. - C:\\Program Files\\Hewlett-Packard\\Shared\\hpqwmiex.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\\Program Files\\Common Files\\InstallShield\\Driver\\11\\Intel 32\\IDriverT.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\\Program Files\\CyberLink\\Shared Files\\RichVideo.exe
O23 - Service: XAudioService - Conexant Systems, Inc. - C:\\Windows\\system32\\DRIVERS\\xaudio.exe

--
End of file - 10743 bytes

Reply of our support team was forwarded to Carlos Santos via email.

 

Learn more about FAKESPY-A and helper.exe »

« Back to catalog
Home | Partners | Shop | Support | Contact Us | Privacy Policy | Sitemap

Copyright © 2003-2012 Security Stronghold. All Rights Reserved.