Threat Database Rogue Anti-Spyware Program Windows Efficiency Reservoir

Windows Efficiency Reservoir

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 2
First Seen: April 6, 2012
OS(es) Affected: Windows

Windows Efficiency Reservoir Image

Despite Windows Efficiency Reservoir's appearance, ESG security analysts have identified Windows Efficiency Reservoir as a rogue security program. Malware like Windows Efficiency Reservoir is designed to impersonate a legitimate security application while actually attempting to extort money from the victim. There are hundreds of fake security programs like Windows Efficiency Reservoir, many of these directly related to this fake security program. Windows Efficiency Reservoir belongs to a family of rogue security applications known as the FakeVimes family of rogue anti-virus programs. This family of malware has been active since 2009, which is an advantage for PC security researchers since most legitimate security software can easily handle a Windows Efficiency Reservoir infection. However, Windows Efficiency Reservoir belongs to a batch of FakeVimes malware which includes such pests as Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.

The main problem with this latest batch of malware is that it is often bundled along with a rootkit infection which makes detection and removal of Windows Efficiency Reservoir a lengthier and more difficult process than normal. To deal with a Windows Efficiency Reservoir infection, ESG malware analysts recommend using a trustworthy anti-malware tool provided with anti-rootkit technology. Using a specialized anti-rootkit utility first should allow easy removal of Windows Efficiency Reservoir from your computer system.

A Basic Understanding of How the Windows Efficiency Reservoir Scam Works

The Windows Efficiency Reservoir scam attempts to convince computer users to purchase a non-existent, and completely useless "full version" of Windows Efficiency Reservoir. To do this, this fake security program will claim that the victim's computer is severely infected with numerous viruses and Trojan infections. However, attempting to fix these supposed infections with Windows Efficiency Reservoir will result in error messages and redirects to Windows Efficiency Reservoir's web page. These messages will inform the computer user that the selected problems cannot be removed unless the victim purchases the "full version" of Windows Efficiency Reservoir.

It is important to note that ESG malware analysts have not detected any anti-virus function within the Windows Efficiency Reservoir program. Rather, this fake security program seems to be designed to do little more than display alarming and misleading error messages and direct the victim to purchase its supposed "full" version. Once purchased, the Windows Efficiency Reservoir and its associated malware will remain on the infected computer system still causing problems and redirects.

SpyHunter Detects & Remove Windows Efficiency Reservoir

Windows Efficiency Reservoir Video

Tip: Turn your sound ON and watch the video in Full Screen mode.

File System Details

Windows Efficiency Reservoir may create the following file(s):
# File Name MD5 Detections
1. Protector-yyxg.exe b2cf7d149e3abf07ae50fb53fe5e435a 1
2. Protector-mnjj.exe 118550ab131970aeb165861cc4a03911 1
3. %AppData%\Inspector-[RANDOM CHARACTERS].exe
4. %AppData%\npswf32.dll
5. %CommonPrograms%\Windows Efficiency Reservoir.lnk
6. %DesktopDir%\Windows Efficiency Reservoir.lnk

Registry Details

Windows Efficiency Reservoir may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"

Messages

The following messages associated with Windows Efficiency Reservoir were found:

Error
Trojan activity detected. System data security is at risk.
It is recommended to activate protection and run a full system scan.
Warning
Firewall has blocked a program from accessing the Internet
C:\program files\internet explorer\iexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.
Warning! Identity theft attempt Detected
Hidden connection IP: 58.82.12.124
Target: Your passwords for sites

Trending

Most Viewed

Loading...