Click on screenshot to zoom
Danger level 9
Type: Rogue Anti-Spyware
Common infection symptoms:
  • Block exe files from running
  • Installs itself without permissions
  • Connects to the internet without permission
  • Slow internet connection
  • System crashes
  • Annoying Pop-up's
  • Slow Computer
Other mutations known as:

Windows Tasks Optimizer

The latest addition to the Fake Microsoft Security Essentials scam comes in the name of Windows Tasks Optimizer. This rogue tool is even confused about what its purpose is, as its name suggests it to be an optimization tool, but it claims to detect and protect PCs from security threats. This should already be a warning sign to users as to Windows Tasks Optimizer’s illicitness. Windows Tasks Optimizer also stems from the same family of rogues as Windows Attention Utility, and should thus never be trusted.

Windows Tasks Optimizer will enter the system surreptitiously without acquiring permission from the PC owner, and will hide its presence until it’s ready to start its attack against the system. Some of the methods used to accomplish this include seditious browser hijacking websites and bogus online malware scanners. These browser hijackers generally redirect users’ browsing and search sessions to their compromised landing pages, where drive-by download tactics are used to forcefully root the Windows Tasks Optimizer infection into unsuspecting PCs.

Download Spyware Removal Tool to Remove* Windows Tasks Optimizer
  • Quick & tested solution for Windows Tasks Optimizer removal.
  • 100% Free Scan for Windows

Because its infiltration is done so clandestinely, users will have a hard time to detect and destroy Windows Tasks Optimizer from the system. Windows Tasks Optimizer will only reveal its presence once it is ready to start its attack, and this will happen by the rogue initiating a fake system scan each time Windows boots up. The fake system scan will report on various fake security threats, including Backdoor.Win32.Rbot and Unknown Win32/Trojan.

In a further attempt to convince users of its legitimacy, Windows Tasks Optimizer uses genuine Windows icons on its interfaces, even stating that users should demand to use genuine Microsoft software. This rogue will do everything in its power to come across as legitimate, but it ultimately is not.

Windows Tasks Optimizer will also spam the user with various falsely generated security messages, informing him of dire infections running wild on the system. Some of these fake security messages include the following:

System Security Warning
Attempt to modify register key entries is detected. Register entries analysis is recommended.

Location: c:\windows\system32\taskmgr.exe
Viruses: Backdoor.Win32.Rbot

Reported symptoms of Windows Tasks Optimizer include users being unable to establish an Internet connection, as well as the inability to launch any type of executable on the system. Users also complained about increased erratic system behavior, as well as poor system performance.

In order to minimize the damage this rogue will cause to your PC, get rid of Windows Tasks Optimizer immediately. This is the only way you will regain control of your PC. Invest in a genuine security tool which will not only obliterate Windows Tasks Optimizer but also protect your system against similar future attacks.

Download Spyware Removal Tool to Remove* Windows Tasks Optimizer
  • Quick & tested solution for Windows Tasks Optimizer removal.
  • 100% Free Scan for Windows

How to manually remove Windows Tasks Optimizer

Files associated with Windows Tasks Optimizer infection:


Windows Tasks Optimizer processes to kill:


Remove Windows Tasks Optimizer registry entries:

HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\afwserv.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastsvc.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\avastui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\egui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\ekrn.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msascui.exe "Debugger" = 'svchost.exe'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\msmpeng.exe "Debugger" = 'svchost.exe'

Post comment — WE NEED YOUR OPINION!

Please enter security code:
This is a captcha-picture. It is used to prevent mass-access by robots.