NameChanger
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 10 % (Normal) |
| Infected Computers: | 55 |
| First Seen: | February 14, 2014 |
| Last Seen: | June 17, 2023 |
| OS(es) Affected: | Windows |
PC security researchers have received reports of a rogue security program's family that is characterized by the fact that it has a very large number of aliases. More than two hundred variants in the NameChanger family of rogue security programs exist currently, with countless others likely to appear in the future. The NameChanger family of threats is a family of fake security programs that are also known as Tritax. Due to some of the aliases used by NameChanger rogue security programs, they are often confused with other rogue security software families like FakeVimes and FakeDef. NameChanger is distributed using social engineering techniques that often include legitimate, high profile websites that have been compromised in order to distribute this threat. In many cases, these threats are distributed using compromised advertisement networks, inserting corrupted advertisements designed to distribute rogue security software under the disguise of a 'free threat scan.'
Table of Contents
The NameChanger Variants Adapt Their Names to the Operating System Used on the PC
Threats in the NameChanger family have been around since at least Spring of 2009. There are three main variants in the NameChanger family of threats, often labeled as NameChanger.A, NameChanger.B and NameChanger.C. These threats have become dubbed NameChanger because they amount in more than two hundred different names used by these infections. In general, rogue security programs like the NameChanger variants can be differentiated from legitimate security programs because they may be installed automatically and may seriously interfere with the affected computer's normal operations.
A Quick Look into the NameChanger Variants
The first NameChanger variant, NameChanger.A, first appeared in Fall of 2010. Since then, NameChanger has used about 52 different names. Some of the NameChanger variants that belong to the NameChanger.A category include Privacy Guard 2010, Windows Health Center, Windows Simple Protector, Windows Troublemakers Agent and Windows Remedy. The second NameChanger variant, NameChanger.B, has about 30 different variants, including programs like Windows Repairing System, Windows Oversight Center and Windows Inspection Utility. The third NameChanger variant, NameChanger.C, has about 138 members so far, including fake security programs like Windows PRO Scanner, Windows Protection Master and Windows Threats Destroyer.
URLs
NameChanger may call the following URLs:
| https://nba.info-search.page/ |
