Windows Component Protector

Threat Scorecard

Threat Level: 20 % (Normal)
Infected Computers: 65
First Seen: April 10, 2012
Last Seen: October 22, 2021
OS(es) Affected: Windows

Windows Component Protector resembles a legitimate security program, but the resemblance is only superficial: Windows Component Protector is a malware infection that belongs to a large family of malware. These kinds of malware infections are known as rogue security programs. Rogue security programs such as Windows Component Protector are designed to fool computer users into thinking that their computer system is infected with malware in order to convince them to purchase a useless fake security tool. Windows Component Protector belongs to a particularly large family of rogue anti-virus software known as Rogue:FakeVimes.

FakeVimes programs are characterized by their use of file names made up of three random characters, by their ability to disable legitimate security software on the infected computer system, and by being bundled along with a rootkit component that makes them particularly dangerous. This rootkit component has been detected in all FakeVimes variants released after 2012, a large batch of malware that includes fake security programs with names like Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.

Their pairing with the ZeroAccess rootkit makes post-2012 FakeVimes clones particularly difficult to deal with. ESG security analysts advise using a specialized anti-rootkit tool to remove the rootkit component before attempting to remove Windows Component Protector with a reliable anti-malware application.

Understanding the Basics of the Windows Component Protector Scam

The Windows Component Protector scam is primarily geared towards inexperienced computer users. Windows Component Protector will spam the victim with many fake error messages and alarming security alerts. Then, after convincing the victim that their computer system is under attack, Windows Component Protector will offer to fix these non-existent problems in exchange for the purchase of a registration key for a 'full version' of Windows Component Protector. However, since Windows Component Protector has no actual anti-malware capabilities, ESG security analysts strongly advise against spending money on this useless application. Instead, it is important to take immediate action to remove Windows Component Protector with a real anti-malware program. Windows Component Protector's constant error messages and browser redirects can hinder the normal operation of an infected computer system and make that computer more vulnerable to other attacks.

File System Details

Windows Component Protector may create the following file(s):
#  File Name
1. %AppData%\Inspector-[RANDOM CHARACTERS].exe
2. %AppData%\npswf32.dll
3. %CommonPrograms%\Windows Component Protector.lnk
4. %DesktopDir%\Windows Component Protector.lnk

Registry Details

Windows Component Protector may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
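
A sweep for the file and registry indicators listed above, run over a file inventory and a list of Run-key values. This is an added example, not part of the original page; the folder suffixes used for %AppData%, %CommonPrograms% and %DesktopDir%, the function names and the sample inventory are assumptions constructed for illustration.

```python
import re
from pathlib import PureWindowsPath

# Assumed folder suffixes for the page's placeholders (they vary by Windows version).
APPDATA = ("appdata\\roaming", "application data")      # %AppData%
SHORTCUT_DIRS = ("start menu\\programs", "desktop")     # %CommonPrograms%, %DesktopDir%
RUN_KEY = "software\\microsoft\\windows\\currentversion\\run"
USER_HIVE = re.compile(r"^(hkcu|hkey_current_user|(hku|hkey_users)\\s-1-5-[\d-]+)\\", re.I)
DROPPER = re.compile(r"^inspector-[^\\]+\.exe$")        # Inspector-[RANDOM CHARACTERS].exe

def match_file(path):
    """Return the page indicator that a file path matches, or None."""
    p = PureWindowsPath(path)
    name, parent = p.name.lower(), str(p.parent).lower()
    if parent.endswith(APPDATA):
        if DROPPER.match(name):
            return "Inspector-[RANDOM CHARACTERS].exe"
        if name == "npswf32.dll":
            return "npswf32.dll"
    if name == "windows component protector.lnk" and parent.endswith(SHORTCUT_DIRS):
        return "Windows Component Protector.lnk"
    return None

def match_run_value(key, value_name):
    """True for the per-user Run value named "Inspector" listed on the page."""
    key = key.rstrip("\\")
    return (bool(USER_HIVE.match(key)) and key.lower().endswith("\\" + RUN_KEY)
            and value_name.lower() == "inspector")

def sweep(files, run_values):
    """Collect (kind, item, indicator) hits from file paths and (key, name) Run values."""
    hits = [("file", f, ind) for f in files if (ind := match_file(f))]
    hits += [("registry", k, 'Run "Inspector"') for k, v in run_values if match_run_value(k, v)]
    return hits

# Constructed sample inventory (not data from the page).
SAMPLE_FILES = [
    r"C:\Users\alice\AppData\Roaming\Inspector-qzx.exe",
    r"C:\Users\alice\AppData\Roaming\npswf32.dll",
    r"C:\Windows\System32\Macromed\Flash\NPSWF32.dll",   # same name, other folder: no hit
    r"C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Component Protector.lnk",
    r"C:\Users\alice\Desktop\Windows Component Protector.lnk",
]
SAMPLE_RUN = [
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "Inspector"),
    (r"HKEY_USERS\S-1-5-21-1111-2222-3333-1001\Software\Microsoft\Windows\CurrentVersion\Run", "inspector"),
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "OneDrive"),  # other value: no hit
]

if __name__ == "__main__":
    print(*sweep(SAMPLE_FILES, SAMPLE_RUN), sep="\n")
```

Matching on both file name and parent folder keeps a file that merely shares the name npswf32.dll in another directory from being reported.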

Messages

The following messages associated with Windows Component Protector were found:

Error
Trojan activity detected. System data security is at risk.
It is recommended to activate protection and run a full system scan.

Warning
Firewall has blocked a program from accessing the Internet
C:\program files\internet explorer\iexplore.exe
is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server.

Warning! Identity theft attempt Detected
Hidden connection IP: 58.82.12.124
Target: Your passwords for sites
