Home > Threats > RESpyWare

RESpyWare - Threat of a Fraudulent Payment

Posted on 29 November 2009 under Rogue Programs

1. What is RESpyWare?

RESpyWare is corrupt anti-virus program that may be the cause of fraudulent payment and personal data theft. The program is also known as a scareware, belongs to rogue programs category and is installed by Trojan.Fakevimes.

RESpyWare is closely related to the fake Windows Security Center, which is used as a rogue program advertisement tool, which is able to easily mislead the user as to its similarity with an original Windows Security Center.

RESpyWare will generate many warning messages about computer security, hoping user will believe in them and take protective measures to prevent this:
  • Spyware Alert! Your computer is infected with spyware. It could damage your critical files or expose your private data on the internet. Click here to register your copy of RESpyWare and remove spyware threats from your PC.
  • RESpyWare has detected 713 critical spyware objects while scanning the system. Register RESpyWare to block or remove threatening objects.
  • Infiltration Alert! Your Computer is being attacked by an internet virus. It could be a password-stealing attack, a trojan-dropper or similar. Do you want RESpyWare to block this attack?

2. RESpyWare screen shot:


3. How to remove RESpyWare:

  1. Internet connection might be disabled or Internet browser might be blocked by RESpyWare, so it won't be possible to download any files to infected computer. In this case please download all files required for RESpyWare removal to another computer and then transfer them on the infected one using CD/DVD or USB flash drive.
  2. To remove RESpyWare download Spyware Doctor and install the program (for the installation guide click here). Before installation, make sure all other programs and windows are closed.
  3. After the installation, computer scan should be started automatically. If so, please move to the next step. If not, click "Status" on the left side menu and press "Scan Now" button to run computer scanner as shown in the picture below:

  4. After the scan has been completed and scan results have been generated, press "Fix Checked" button to remove RESpyWare.

  5. Restart the computer to complete RESpyWare removal procedure.

4. RESpyWare files:

RESpyWare.exe, 001f9052.exe (variable file name), qt7fnpcf.exe

5. Hijackthis entries:

O4 - HKCU\..\Run: [RESpyWare.exe] C:\Program Files\RESpyWare Software\RESpyWare\RESpyWare.exe
O4 - HKLM\..\Run: [001f9052.exe] C:\WINDOWS\system32\001f9052.exe
O4 - HKCU\..\Run: [qt7fnpcf.exe] C:\WINDOWS\system32\qt7fnpcf.exe