Windows Protection Suite
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Ranking: | 15,683 |
| Threat Level: | 100 % (High) |
| Infected Computers: | 25 |
| First Seen: | August 27, 2009 |
| Last Seen: | May 6, 2024 |
| OS(es) Affected: | Windows |
Windows Protection Suite Image
Windows Protection Suite is a rogue anti-spyware application that is part of an enormous family of fraudulent security software, the FakeVimes family. Windows Protection Suite infiltrates a computer without user approval or knowledge. Once active, Windows Protection Suite displays false system scanners and fabricated security alerts, in order to intimidate the user into believing that the computer is heavily infected. The user is then prompted to purchase and download the commercial version of Windows Protection Suite in order to combat these fictitious threats.
There are countless rogue security programs plaguing the Web all around the world. Some of these programs are clones of Windows Protection Suite, except that its designers had made small changes to their names and interface. The clones of Windows Protection Suite include Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Work Catalyst. 
Table of Contents
Aliases
15 security vendors flagged this file as malicious.
| Anti-Virus Software | Detection |
|---|---|
| Panda | Suspicious file |
| AVG | Downloader.Generic10.AYEU |
| Ikarus | Trojan-Downloader.SuspectCRC |
| AhnLab-V3 | Adware/Win32.AdMedia |
| AntiVir | Adware/AdMedia.or.1 |
| DrWeb | Adware.Dodoor.330 |
| Kaspersky | not-a-virus:AdWare.Win32.AdMedia.or |
| TrendMicro | TROJ_FAKEAV.DID |
| NOD32 | Win32/Adware.VirusAlarmPro |
| McAfee-GW-Edition | Riskware.Fake.WPS.25 |
| McAfee | Generic Packed.a |
| K7AntiVirus | Trojan.Win32.Malware.1 |
| Ikarus | Trojan.Win32.FakeVimes |
| CAT-QuickHeal | Trojan.FraudPack.gen |
| AVG | Generic4.MBH |
SpyHunter Detects & Remove Windows Protection Suite
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | Ulisess Seguridad 10.0.4.exe | 4558da71cc394fa2e9c9e2bcffead632 | 4 |
| 2. | 7b98790fb99b7de35d9cef0d0c535610eaf9540122adc51d75301bda6a27fd54 | f09168f9f1b4a547b567867888acd999 | 3 |
| 3. | 0b7a1426e25cc6b34e9e6234f6f8f9cdbbacf2988356a4a99668b15fa4319797 | 0db269fa1ddae6e0fda30d4f424924f8 | 3 |
| 4. | 2c14e76acfca4000c4db60b2797ee556bdc90f7bcb7e697270acfac9304e6497 | 6f1d2d86dc08c2ed7b34aed11de78b47 | 3 |
| 5. | 7bf69a8f200199a7d966c5d24c10fe83676538e31c14ba796c54d8961744c4a8.exe | 734ba2ce099e740c590507c97c0f623f | 3 |
| 6. | 36a2739e264560440342dcc63302405034420009e48e76422389fd367329dafc | 003ddeeb380e33646d94ace75ac89b91 | 3 |
| 7. | %UserProfile%\Recent\energy.dll | ||
| 8. | %UserProfile%\Recent\kernel32.dll | ||
| 9. | %UserProfile%\Recent\runddl.dll | ||
| 10. | %UserProfile%\Recent\std.exe | ||
| 11. | %Documents and Settings%\All Users\Application Data\345d567\mozcrt19.dll | ||
| 12. | %ProgramFiles%\Windows Protection Suite\Windows Protection Suite.dll | ||
| 13. | %UserProfile%\Recent\dudl.sys | ||
| 14. | %UserProfile%\Recent\grid.sys | ||
| 15. | %UserProfile%\Recent\PE.dll | ||
| 16. | %UserProfile%\Recent\snl2w.exe | ||
| 17. | %UserProfile%\Desktop\WindowsProtectionSuite.exe | ||
| 18. | %Documents and Settings%\All Users\Application Data\345d567\WI345d.exe | ||
| 19. | %UserProfile%\Recent\CLSV.exe | ||
| 20. | %UserProfile%\Recent\grid.dll | ||
| 21. | %UserProfile%\Recent\tempdoc.dll | ||
| 22. | %UserProfile%\Recent\SM.dll | ||
| 23. | %Program Files%\WindowsProtectionSuite\WindowsProtectionSuite.exe | ||
| 24. | %Documents and Settings%\All Users\Application Data\345d567\sqlite3.dll | ||
| 25. | %TempDir%\[RANDOM CHARACTERS].dll | ||
| 26. | %UserProfile%\Application Data\Windows Protection Suite\cookies.sqlite | ||
| 27. | %UserProfile%\Recent\ANTIGEN.drv | ||
| 28. | %Program Files%\WindowsProtectionSuite\WindowsProtectionSuite.url | ||
| 29. | %UserProfile%\Start Menu\WindowsProtectionSuite.lnk | ||
| 30. | %UserProfile%\Start Menu\Windows Protection Suite 2009.lnk | ||
| 31. | %UserProfile%\Application Data\Windows Protection Suite 2009\Instructions.ini | ||
| 32. | %Documents and Settings%\All Users\Application Data\345d567 | ||
| 33. | %Documents and Settings%\All Users\Application Data\345d567\26.mof | ||
| 34. | %Documents and Settings%\All Users\Application Data\345d567\WINSSSys\vd952342.bd | ||
| 35. | Windows Protection Suite | ||
| 36. | %CommonPrograms%\Startup\56a10a26-dc02-40f3-a4da-8fa92d06b367_33.lnk | ||
| 37. | %Desktop%\Windows Protection Suite.lnk | ||
| 38. | %UserProfile%\Application Data\Windows Protection Suite | ||
| 39. | %UserProfile%\Desktop\Windows Protection Suite.lnk | ||
| 40. | %UserProfile%\Recent\PE.tmp | ||
| 41. | %UserProfile%\Start Menu\Programs\WindowsProtectionSuite | ||
| 42. | %UserProfile%\Start Menu\Programs\WindowsProtectionSuite\WindowsProtectionSuite Website.lnk | ||
| 43. | %UserProfile%\Application Data\Windows Protection Suite 2009 | ||
| 44. | %UserProfile%\Desktop\Windows Protection Suite 2009.lnk | ||
| 45. | %Documents and Settings%\All Users\Application Data\WINSSSys | ||
| 46. | %Documents and Settings%\All Users\Application Data\345d567\working.log | ||
| 47. | %UserProfile%\Start Menu\Programs\Windows Protection Suite.lnk | ||
| 48. | %CommonAppData\56a10a26-dc02-40f3-a4da-8fa92d06b367_.mkv | ||
| 49. | %AppData%\Microsoft\Internet Explorer\Quick Launch\Windows Protection Suite.lnk | ||
| 50. | %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Protection Suite.lnk | ||
| 51. | %UserProfile%\Application Data\Windows Protection Suite\Instructions.ini | ||
| 52. | %UserProfile%\Recent\DBOLE.drv | ||
| 53. | %Program Files%\Mozilla Firefox\searchplugins\search.xml | ||
| 54. | %UserProfile%\Start Menu\Programs\WindowsProtectionSuite\WindowsProtectionSuite.lnk | ||
| 55. | %UserProfile%\Start Menu\Programs\Windows Protection Suite 2009.lnk | ||
| 56. | %UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Protection Suite 2009.lnk | ||
| 57. | %Documents and Settings%\All Users\Application Data\345d567\WINSSSys | ||
| 58. | %Documents and Settings%\All Users\Application Data\345d567\WINSS.ico | ||
| 59. | %Documents and Settings%\All Users\Application Data\WINSSSys\winss.cfg | ||
| 60. | %ProgramFiles%\Windows Protection Suite | ||
| 61. | %Programs%\Startup\56a10a26-dc02-40f3-a4da-8fa92d06b367_33.lnk | ||
| 62. | %AppData%\Windows Protection Suite | ||
| 63. | WIfe7a.exe | e74a44e6b33cdcfb6c14e55501764d1d | |
| 64. | WI60ed.exe | 4af0d55f23586d1d0adb82fff218958e | |
| 65. | WI2106.exe | 734ba2ce099e740c590507c97c0f623f | |
| 66. | WIc182.exe | 9deeecedfd5ac77d5ce83769ac2612f6 | |
| 67. | WI2703.exe | f09168f9f1b4a547b567867888acd999 | |
| 68. | WI3e45.exe | 48b04d0a88974836cb2bb33381d0c83e | 0 |
| 69. | WI3db3.exe | e30fedc6bf53a805ec586ed1cba517fc | 0 |
| 70. | WI7a8f.exe | c49fad15feec77235373553d4fef99b3 | 0 |
| 71. | ReleaseXP[1].exe | 4fb10d7bb7169f0a66dbb48f8963e0fb | 0 |
| 72. | ActivatedSetup[1].exe | 4661101706083c24676642226051fdbd | 0 |
| 73. | WIa744.exe | a574f606b9f985dc88ca61d03d90f863 | 0 |
| 74. | WIb87c.exe | 741376ecccb187f4bffdcec701081daa | 0 |
| 75. | WI15af.exe | 1a6b142bc316034f5a20402665a7ad40 | 0 |
| 76. | WI7418.exe | ffcf6eb75fabd8613cb1de4011131229 | 0 |
| 77. | WId2ba.exe | 1e07f21d12f37814ff85d69a1c23e17a | 0 |
| 78. | WI7f24.exe | 8713db1bd1a63855e53309fd3c5fde4f | 0 |
| 79. | WIac55.exe | 93b7a38ff4c3a56077f0c2c8bc67d53c | 0 |
| 80. | WI81c9.exe | cc351cec273339cf100fafcd1f3bc7eb | 0 |
| 81. | WI4ae8.exe | 8e483d6c01c404506309b04cfa77b0d1 | 0 |
| 82. | WI577a.exe | 49aa8e92c3eb273fd04c116b48d1b7ad | 0 |
| 83. | WIb33d.exe | 57618a38c9a1b53e53a706eda74bdc44 | 0 |
| 84. | WId747.exe | 3b1fd82d731620f60f2e75579037c658 | 0 |
Registry Details
Messages
The following messages associated with Windows Protection Suite were found:
| "System Alert! Malicious applications, which can contain trojans, were found on your PC and need to be immediately removed. Click here to remove these potentially harmful items using Windows Protection Suite". |
