Windows Abnormality Checker
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 100 % (High) |
Infected Computers: | 41 |
First Seen: | May 11, 2012 |
OS(es) Affected: | Windows |
Windows Abnormality Checker is one of the many bogus security programs belonging to this extensive group of malware. While this malware family has been around since 2009, ESG security researchers have grown concerned about malware in this family released in 2012. It seems that the most recent versions of malware in the FakeVimes group of bogus security software includes a harmful rootkit infection that can be quite difficult to remove. This rootkit has been identified as a variant of the ZeroAccess, or Sirefef rootkit. This makes Windows Abnormality Checker and its clones considerably more difficult to remove than previous iterations of the FakeVimes family of malware.
Known clones of Windows Abnormality Checker include such fake security programs as Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.
Table of Contents
How Criminals Use Windows Abnormality Checker to Scam Their Victims
The Windows Abnormality Checker scam is not complicated; basically, criminals will try to trick their victims into thinking that they need to purchase a fake security program. To do this, Windows Abnormality Checker, disguised as a legitimate anti-spyware program, will alert the victim with increasingly alarming error messages that their computer system is severely infected with malware. Then, when the victim tries to use Windows Abnormality Checker to fix these supposed malware problems, this fake security program will claim that an 'upgrade' to a supposed full version of Windows Abnormality Checker is needed. Of course, this upgrade is not free. Not only that, paying for Windows Abnormality Checker will also put your credit card information and personal data in the hands of scammers, putting you at risk for identity theft or credit card fraud.
Removing Windows Abnormality Checker from Your Computer System
Because most FakeVimes malware programs can be removed easily with a reliable anti-malware program, the main difficulty in dealing with Windows Abnormality Checker is removing its associated rootkit component. To achieve this, it may be compulsory to use a strong anti-malware program with anti-rootkit components or to use an independent anti-rootkit utility. Entering the code 0W000-000B0-00T00-E0020 when asked for a serial number can stop many of Windows Abnormality Checker's error messages. However, this will not remove Windows Abnormality Checker from the infected computer system. ESG malware analysts recommend removing Windows Abnormality Checker completely due to the possibility of further intrusions into your computer system and to ensure that your personal information is safe.
SpyHunter Detects & Remove Windows Abnormality Checker
Windows Abnormality Checker Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | Protector-tisf.exe | 487420328bdcd34e4224cc4f3ae1a328 | 39 |
2. | Protector-npvl.exe | a708766a8e4d4161541d22fbb0bdf05f | 2 |
3. | %AppData%\NPSWF32.dll | ||
4. | %AppData%\Protector-[RANDOM CHARACTERS].exe | ||
5. | %AppData%\result.db |