SpyBlocker Description and Removal Instructions

SpyBlocker Description (Scan your PC to Detect SpyBlocker with SpyHunter)

Do not entertain the lies and marketing of SpyBlocker, a fake anti-spyware tool floating on the Internet in search of new victims to scam. The design and behavior of SpyBlocker not only mimics the basic rogue security model but also resembles newcomers Ultimate Scan, Clean Security, Ultimate Guard and Bogema Security. Researchers who tested these imposters noted that the scanning engine was a mere smoke screen and was made possible by the creative JavaScript and imagery. Therefore, SpyBlocker is technically unable to scan any of your files or programs and thus, cannot find or remove viruses SpyBlocker claims to exist. The primary goal of rogue security programs, including SpyBlocker, is to use false/negatives and positives to scare its victim into blindly handing over their credit card number to a hacker and allowing remote access.

Cybercriminals exploit both human and non-human vulnerabilities, such as software and hardware, to unload their malicious programs. It is no secret that the Windows OS and IE browser are flawed, and this is why SpyBlocker targets persons having these tools in place. Other angles or exploits might include the following:

  1. Social Networks – Facebook’s, Twitter’s and MSN’s friendly platforms have become easy traps as users throw caution to the wind and blindly accept invitations to befriend and view some malware-laced link that goes to a PC threat such as SpyBlocker or a free, but deceptive online scanner.
  2. Poor Web Surfing Habits – Persons who visit unsavory (i.e. porn, gaming or warez) websites haven’t a clue that a Trojan downloader is encamped and waiting for them to simply ‘click’ or enter, so it can self-load. Equally dangerous is clicking on dubious links such as the one promoting the sale and use of SpyBlocker, spy-blocker(dot)com. By using Black-Hat SEO tricks, cybercriminals get their malicious URLS/links listed on Google search results pages. Note: Remember to report suspicious links and websites so that Google can red flag or remove it.
  3. Weak Internet Security – If you are not practicing good Internet security, you might as well leave the front door open (i.e. give easy access) to hackers. Hopefully you’re not indulging in the following:
    • No anti-malware tool installed, or you’ve allowed it to lapse.
    • Fell into the trap of some slick-looking interface, and since installing it, you’ve endured repeated attacks.
    • You need to remove the rogue security program and replace it with stealth Internet security.
    • Pirate music, video, games, software, etc. Pirating is still illegally but more important, cybercriminals love hiding malware in these types of downloads and programs used to ‘snatch’ free media.
    • You do not verify the source of emails before clicking on a link or opening an attachment. Spam still serves as an important tool for distributing malware.
    • You ignored notifications to patch known vulnerabilities in software or hardware.
Behavior of SpyBlocker once inside:
There are at least three behaviors you can expect from the Trojan operating SpyBlocker.

  1. Setup of a malicious attack:
    1. Unloads and decrypts malicious files and program SpyBlocker smuggled inside.
    2. Modifies the Windows Registry and makes an entry to run randomly named executable at every boot.
    3. Disarms or disables programs that threaten detection and removal.
    4. Adds malicious program to the ‘approved programs listing’ to bypass firewall.
    5. Edits host files and control browser so that the victim cannot download any helpful programs to detect and remove SpyBlocker.
  2. Two-part execution of malicious attack:
    • Simulation of a security breach.
    • At system start, assault the victim with fake alerts and warnings.
    • The slick interface of SpyBlocker swarms in and runs an unauthorized quick scan to identify unknown intruder/threat. Again, what you are seeing is the creative use of JavaScript and imagery.
    • Prompt the victim to run ‘full scan’ of all files and folders and as planned, show the victim a scary list of infected files and named viruses.
    • Suggest victim to register, buy and download full-versioned software to fix discrepancies. Don’t fall for this trap! SpyBlocker is mere a fraud and only wants your financial data so SpyBlocker can scam you.
      • Defensive mechanism:
        • Attempt to stop its process from running using Task Manager and you will be denied and given a bogus error.
        • Try using your browser to find and download a helpful anti-malware tool and you will be redirected to spy-blocker(dot)com, so you can buy its fake anti-virus program called SpyBlocker, or you may simply be presented another bogus error.
        • Try shutting down your system and restarting and because Trojan has looped its executable, SpyBlocker will rear its ugly head again and again.
        • Try using a less than stealth anti-virus tool or online scanner to both find and remove traces of SpyBlocker and you may get a ‘clean bill of health’ that contradicts what you already know – your PC is infected. The possible use of a rootkit may prohibit some anti-spyware programs from detecting threats rooted in the deepest part of your system. A supercharged Trojan (i.e. one built with rootkit technology) may have deleted key files and replaced them with infectious ones, or injected its poisonous script in legitimate files to both mask the virus and have it run alongside or in front of legitimate script. Unless you are skilled in editing Windows Registry, you may want to use a reputable anti-malware tool containing an anti-rootkit to ensure your system is clean and safe to use again. Deleting the incorrect file could cause irredeemable damage to your hard drive and you could lose valuable data.

Automatically Detect SpyBlocker

  1. Download SpyHunter* Scanner to Detect SpyBlocker
  2. Run a full system scan to detect Vista Home Security 2012 files.
  3. Once you've detected SpyBlocker on your PC, you will then need to purchase SpyHunter to start the removal process.
  4. Reboot your PC and rerun the scan for any remaining traces of SpyBlocker.

Remove SpyBlocker Manually

Stop the following SpyBlocker processes:
%Documents and Settings%\[USERNAME]\Application Data\[RANDOM CHARACTERS].exe

Remove the following SpyBlocker registry keys:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SpyBlocker"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "[RANDOM CHARACTERS]"

Locate and delete the following SpyBlocker files:
%Documents and Settings%\[USERNAME]\Application Data\[RANDOM CHARACTERS].exe

Spyware Database SpyBlocker