
Windows Passport Utility

Posted: April 1, 2011

Windows Passport Utility is one of many rogue security programs distributed by the Fake Microsoft Security Essentials Alert Malware. This Trojan creates error messages about fake Trojan infections before installing a nonspecific program that supposedly has anti-malware functions. Windows Passport Utility and other rogue security programs installed by this Trojan not only have no anti-malware functions but can attack your computer's security by changing firewall settings, blocking programs and hijacking your browser. Hence, removing Windows Passport Utility should be considered a basic requirement for ensuring PC security and privacy.

Perusing Windows Passport Utility's Malicious Utility

Initially, a potential Windows Passport Utility infection will begin with an alert about a Trojan infection:

Microsoft Security Essentials Alert
Potential Threat Details
Microsoft Security Essentials detected potential threats that might compromise your private or damage your computer. Your access to these items may be suspended until you take an action. Click 'show details' to learn more.

This fake alert is a prelude to true infection delivered by the Fake Microsoft Security Essentials Alert Trojan. After a fake system scan and several other errors, the Trojan will deliver its payload - Windows Passport Utility or another rogue security application.

Windows Passport Utility is strikingly similar to other rogue security applications like Windows Stability Center, Windows Expansion System, Windows Process Regulator, Windows Power Expansion and Windows Support System. All of these rogue security programs are as identical as twins in both looks and malicious behavior, but you shouldn't assume that an anti-malware scanner can detect Windows Passport Utility without all database updates just because the software can detect one of Windows Passport Utility's clones.

Typical attacks by Windows Passport Utility include:

  • Fake error messages that appear for no reason or alongside system problems caused by Windows Passport Utility. Here are some examples of Windows Passport Utility's fake alerts:

    System Security Warning
    Attempt to modify register key entries is detected. Register entries analysis is recommended.

    System component corrupted!
    System reboot error has occurred due to lsass.exe system process failure.
    This may be caused by severe malware infections.
    Automatic restore of lsass.exe backup copy completed.
    The correct system performance can not be resumed without eliminating the cause of lsass.exe corruption.

  • Restricted access to security applications and Windows programs like your Task Manager, Registry Editor and MSConfig. Windows Passport Utility may hide this deliberate block-off by displaying another fake error - for example, the message below appears when Windows Passport Utility blocks Firefox from running:

    Warning!
    Name: firefox.exe
    Name: c:\program files\firefox\firefox.exe
    Application that seems to be a key-logger is detected. System information security is at risk. It is recommended to enable the security mode and run total System scanning.

  • Web browser malfunctions. Windows Passport Utility may use fake unsafe website warnings to prevent you from browsing anti-malware and security-related websites, and can even redirect your browser to force it to a malicious domain like Windows Passport Utility's own homepage.

Tearing Up Windows Passport Utility's Malicious Passport

Deleting Windows Passport Utility is much simpler when done by anti-malware programs, since its use of Registry entries and file-hiding techniques makes manual deletion a challenge at best. In most cases, the software you choose to use to delete Windows Passport Utility should also delete the FMSEA Trojan.

Keeping in mind that Windows Passport Utility is a recent version of a basic rogue security program family, you should have equally recent anti-malware scanner updates downloaded to ensure accurate detection and removal.

Ensuring complete deletion also requires stopping Windows Passport Utility from launching itself. Most rogue security applications such as Windows Passport Utility are thwarted from automatically launching by a Safe Mode boot, which only launches a bare minimum of required system processes. Noting whether Windows Passport Utility is active in memory is just as important as noting any visual signs of the rogue security program, since trying to remove Windows Passport Utility while it is running in the background is likely to result in failure.
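As a way to check both conditions described above (what is set to launch automatically, and whether it is in memory right now), the following PowerShell triage script is an added example, not part of the original article or of any vendor's tooling. The page does not name the rogue's files or Registry values, so the script reads only the standard Windows Run and RunOnce keys and flags entries by location; treating user-writable folders as suspicious is an assumption of this example.

```powershell
# Added example: autostart triage, not a removal tool.
# Standard per-machine and per-user autostart keys.
$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Assumption: legitimate security software rarely starts from these
# user-writable folders, so an autostart pointing there deserves a look.
$userWritable = @($env:APPDATA, $env:LOCALAPPDATA, $env:TEMP, $env:ProgramData) |
    Where-Object { $_ }

# Provider metadata that Get-ItemProperty adds next to the real values.
$metadata = 'PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider'

# Full image paths of every process currently in memory.
$running = @(Get-CimInstance Win32_Process |
    Where-Object { $_.ExecutablePath } |
    ForEach-Object { $_.ExecutablePath.ToLowerInvariant() })

$findings = foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $values = Get-ItemProperty -Path $key
    foreach ($prop in $values.PSObject.Properties) {
        if ($prop.Name -in $metadata) { continue }
        $command = [Environment]::ExpandEnvironmentVariables([string]$prop.Value)
        # Take the executable from a quoted or unquoted command line.
        $exe = if ($command -match '^\s*"?([^"]+?\.exe)') { $Matches[1] } else { $command }
        [pscustomobject]@{
            Key          = $key
            Name         = $prop.Name
            Executable   = $exe
            UserWritable = [bool]($userWritable | Where-Object {
                $exe.StartsWith($_, [StringComparison]::OrdinalIgnoreCase) })
            # False for entries stored without a full path (for example rundll32.exe).
            InMemoryNow  = $running -contains $exe.ToLowerInvariant()
        }
    }
}

$findings | Sort-Object UserWritable, InMemoryNow -Descending | Format-Table -AutoSize
```

Run it from an elevated prompt, because `ExecutablePath` comes back empty for processes the current session is not allowed to query.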

One Comment

  • gareth says:

    MY NEIGHBOUR HAD THIS ON THEIR XP PC, WHICH IN THE END I SEEMED TO HAVE GOT RID OF VIA SYSTEM RESTORE. THE THING IS THOUGH, YOU MENTION STARTING IN SAFE MODE; I DID SAFE MODE WITH NETWORK, AND THAT STUPID PROGRAM CAME ON. STILL, RESTORE SEEMS TO HAVE SORTED IT FOR NOW. I HAVE BURNED A DISC WITH MALWARE KILLERS, IF THE PROBLEM HAPPENS AGAIN. MY NEIGHBOUR DOWNSTAIRS HAD A SIMILAR PROGRAM WHICH TOOK ME A WHILE TO ERADICATE, BUT THERE ARE ALWAYS PEOPLE LIKE YOURSELVES TO HELP US OUT, SO THANKS LOTS TO YOU GUYS