Windows Guard Tools
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 100 % (High) |
Infected Computers: | 4 |
First Seen: | May 25, 2012 |
OS(es) Affected: | Windows |
Ignore Windows Guard Tools' name; this program does not provide tools to guard your computer against malware, because Windows Guard Tools is closely associated with various Trojans and is part of a malware attack. If you find that Windows Guard Tools is installed on your computer, this is a definite sign that your machine has become exposed to dangerous malware. ESG security analysts strongly recommend removing Windows Guard Tools immediately using a reliable anti-malware application. Failure to remove Windows Guard Tools from an infected computer can expose your PC to other malware, put your sensitive data in jeopardy, and potentially cause irreparable harm to your operating system.
Table of Contents
Understanding Malware Like Windows Guard Tools
Malware infections like Windows Guard Tools are commonly known as rogue security programs. These kinds of malware infections carry out a scam that attempts to lure PC users that they need to purchase a useless fake security program, exposing their credit card information in the process. To carry out their scam, fake security programs like Windows Guard Tools will insist that the victim's computer is severely infected with malware. However, trying to fix these problems with the rogue security program will simply result in an error message and, often, being redirected to a website where the victim is urged to 'upgrade' their fake anti-virus program (a process that is, of course, not free.) Windows Guard Tools in particular has been associated with the Sirefef rootkit, a dangerous malware infection that can accompany Windows Guard Tools and prevent its rapid detection and removal. If your computer has become infected with the Sirefef rootkit, it may be necessary to use a specialized anti-rootkit tool before you can remove Windows Guard Tools.
Windows Guard Tools Belongs to a Large Family of Malware
Windows Guard Tools is part of the FakeVimes family of rogue security software, a large family of malware that has been active since 2009. However, even though most security programs can remove malware in the FakeVimes family, Windows Guard Tools' associated rootkit component can make the removal process more difficult than normal. Other examples of malware in the FakeVimes family that include a rootkit component include programs like Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.
The registration number 0W000-000B0-00T00-E0020 has been observed to be effective in stopping Windows Guard Tools' irritating symptoms. However, this registration will merely stop Windows Guard Tools from displaying symptoms; it will still be necessary to remove this fake security program from your computer.
SpyHunter Detects & Remove Windows Guard Tools
Windows Guard Tools Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | Protector-hdux.exe | 7d4eb4b40260e045dbb6340b60911284 | 2 |
2. | Protector-scxq.exe | ced4214641a3e7220f6e6a4fca6eea63 | 2 |
3. | %CommonAppData%\58ef5\SP98c.exe | ||
4. | %AppData%\Windows Guard Tools\ScanDisk_.exe | ||
5. | %CommonAppData%\58ef5\SPT.ico | ||
6. | Programs%\Windows Guard Tools.lnk | ||
7. | %AppData%\Windows Guard Tools\Instructions.ini | ||
8. | %Desktop%\Windows Guard Tools.lnk | ||
9. | %AppData%\Microsoft\Internet Explorer\Quick Launch\Windows Guard Tools.lnk | ||
10. | %CommonAppData%\SPUPCZPDET\SPABOIJT.cfg | ||
11. | %StartMenu%\Windows Guard Tools.lnk |