
Windows Safeguard Upgrade

Threat Scorecard

Threat Level: 100 % (High)
Infected Computers: 3
First Seen: May 17, 2012
OS(es) Affected: Windows


Although Windows Safeguard Upgrade has all the trappings of a genuine anti-malware program, ESG malware analysts classify it as a malware infection. It is the visible component of an attack whose objective is to convince computer users that they need to purchase a fake security product. Programs of this kind are known as rogue security programs, and Windows Safeguard Upgrade in particular belongs to FakeVimes, an extensive and long-running family of rogue security software.

Windows Safeguard Upgrade – One of Many Fake Anti-virus Programs in the FakeVimes Family

The FakeVimes family has been active and continuously updated since 2009. Because the family is old and well studied, security analysts usually have no trouble dealing with a FakeVimes infection. Windows Safeguard Upgrade, however, is one of the many FakeVimes rogues released in 2012, and these newer variants are often bundled with a Sirefef (also known as ZeroAccess) rootkit, which hides the rogue's components and makes them harder to detect and remove. Other names under which FakeVimes rogues have been distributed include Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite and Windows Work Catalyst; note that this list spans several years of releases rather than 2012 alone (Fast Antivirus 2009 is one example), and that Packed.Generic.245 is a vendor's generic packer detection name rather than a product name. ESG security analysts recommend using a specialized anti-rootkit tool to remove the rootkit component associated with Windows Safeguard Upgrade first, and only then using a reliable anti-malware program to delete Windows Safeguard Upgrade itself from the hard drive, since the rootkit will otherwise interfere with detection and removal.

How Criminals Use Windows Safeguard Upgrade to Scam Unsuspecting Computer Users

The Windows Safeguard Upgrade scam consists of convincing computer users that they need to purchase a 'full version' of Windows Safeguard Upgrade which, of course, is not free. To that end, Windows Safeguard Upgrade tries to alarm the computer user with fabricated scan results claiming that the system is severely infested with viruses and Trojans. If the user tries to use Windows Safeguard Upgrade's supposed anti-malware features to remove these non-existent infections, the program displays error messages and directs the user to its website, claiming that the problems can only be fixed by 'upgrading' Windows Safeguard Upgrade. Since Windows Safeguard Upgrade is itself the infection, and probably responsible for any real problems on the victim's computer, ESG malware analysts recommend fully removing it with a legitimate anti-malware program instead.


File System Details

Windows Safeguard Upgrade may create the following file(s):

#   File Name                                        MD5                               Detections
1.  Protector-jxir.exe                               9f05820de768ce99a6ba71d0c567740e  1
2.  Protector-leer.exe                               20fe0825152fdc6a8c16825bcc233bd1  1
3.  Protector-vdom.exe                               f774fa4c8a47f377b724286900af5d2d  1
4.  %AppData%\Protector-{RANDOM 4 CHARACTERS}.exe
5.  %AppData%\Protector-{RANDOM 3 CHARACTERS}.exe
6.  %AppData%\NPSWF32.dll
7.  %StartMenu%\Programs\Windows Pro Web Helper.lnk

Entries 1 to 3 are observed instances of the randomly named Protector-*.exe pattern given in entries 4 and 5, so a hunt should match on the pattern and location rather than on the three hashes alone. Note also that NPSWF32.dll is the filename of the legitimate Flash Player browser plug-in; the location under %AppData% is what distinguishes the dropped copy from a normal Flash installation.

Registry Details

Windows Safeguard Upgrade may create the following registry entry or registry entries:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Inspector"
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "net" = 2012-2-20_1
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Settings "ID" = 4
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings "WarnOnHTTPSToHTTPRedirect" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegistryTools" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableRegedit" = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System "DisableTaskMgr" = 0
HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\{RANDOM CHARACTERS}.exe

The Run value "Inspector" is the rogue's autostart persistence. The Image File Execution Options entry deserves the closest look: Windows consults that key to attach a debugger to any executable with the given name, and rogue programs abuse it to intercept or block security tools. The three Policies\System values are weak indicators on their own, since legitimate administration writes the same values; treat them as corroboration for the entries above rather than as evidence by themselves.
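As an added example (not part of the original entry and not ESG's tooling), the following Python script matches file and registry records against the indicators listed in the File System Details and Registry Details sections above. It works offline on records you feed it from a triage collection or a parsed Autoruns export, so it runs on any platform. The sample records at the bottom are constructed, and the check for a 'Debugger' value under the Image File Execution Options subkey is an assumption about how that key is abused, since the page lists only the key itself.

```python
"""Offline matcher for the Windows Safeguard Upgrade indicators listed above.
Feed it file records (path, md5) and registry records (key, value name, data) from a
triage collection or parsed Autoruns export; it never reads the live disk or registry."""
import re
from typing import Iterable, List, Optional, Tuple

# --- File indicators ("File System Details") ---
KNOWN_MD5 = {
    "9f05820de768ce99a6ba71d0c567740e",  # Protector-jxir.exe
    "20fe0825152fdc6a8c16825bcc233bd1",  # Protector-leer.exe
    "f774fa4c8a47f377b724286900af5d2d",  # Protector-vdom.exe
}
# %AppData%\Protector-<3 or 4 random characters>.exe
PROTECTOR_RE = re.compile(r"\\Protector-[A-Za-z0-9]{3,4}\.exe$", re.IGNORECASE)
# %AppData% as laid out on Vista and later (AppData\Roaming) and on XP (Application Data)
APPDATA_RE = re.compile(r"\\AppData\\Roaming\\|\\Application Data\\", re.IGNORECASE)
STARTMENU_RE = re.compile(r"\\Start Menu\\Programs\\", re.IGNORECASE)

# --- Registry indicators ("Registry Details"), compared case-insensitively ---
def _norm(key: str) -> str:
    return key.strip("\\").lower()

HKCU_CV = r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion"
IFEO = r"HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Image File Execution Options"
RUN_KEY = _norm(HKCU_CV + r"\Run")
SETTINGS_KEY = _norm(HKCU_CV + r"\Settings")
INET_KEY = _norm(HKCU_CV + r"\Internet Settings")
POLICY_KEY = _norm(HKCU_CV + r"\Policies\System")
IFEO_KEY = _norm(IFEO)
POLICY_NAMES = {"disableregistrytools", "disableregedit", "disabletaskmgr"}

def match_file(path: str, md5: Optional[str] = None) -> Optional[str]:
    """Return why a file record matches an indicator, or None if it does not."""
    if md5 and md5.lower() in KNOWN_MD5:
        return f"known FakeVimes sample (MD5 {md5.lower()})"
    name = path.rsplit("\\", 1)[-1].lower()
    in_appdata = bool(APPDATA_RE.search(path))
    if in_appdata and PROTECTOR_RE.search(path):
        return "Protector-<random>.exe dropped under %AppData%"
    # NPSWF32.dll is also the legitimate Flash Player browser plug-in, so only the copy in
    # the rogue's drop location counts; the one under System32\Macromed\Flash is normal.
    if in_appdata and name == "npswf32.dll":
        return "NPSWF32.dll dropped under %AppData% (not the Flash install path)"
    if name == "windows pro web helper.lnk" and STARTMENU_RE.search(path):
        return "rogue Start Menu shortcut"
    return None

def match_registry(key: str, name: Optional[str], data=None) -> Optional[str]:
    """Return why a registry record matches an indicator, or None if it does not."""
    k, n = _norm(key), (name or "").lower()
    if k == RUN_KEY and n == "inspector":
        return "Run-key persistence named 'Inspector'"
    # Assumption (the page lists only the key): the per-executable IFEO subkey carries a
    # 'Debugger' value, the usual way IFEO is abused to hijack or block a named program.
    if k.startswith(IFEO_KEY + "\\") and n == "debugger":
        target = k.rsplit("\\", 1)[-1]
        return f"IFEO Debugger set for {target} -> {data}"
    if k == INET_KEY and n == "warnonhttpstohttpredirect" and str(data) == "0":
        return "HTTPS-to-HTTP redirect warning disabled"
    if k == SETTINGS_KEY and n in {"net", "id"}:
        return f"FakeVimes configuration value '{name}' = {data}"
    if k == POLICY_KEY and n in POLICY_NAMES:
        # Weak on its own: administrators and other tools write these values too.
        return f"policy value '{name}' present (= {data}); weak indicator alone"
    return None

def scan(files: Iterable[Tuple[str, Optional[str]]], regs: Iterable[Tuple]) -> List[Tuple[str, str, str]]:
    """Run both matchers and return (kind, evidence, reason) triples."""
    findings = []
    for path, md5 in files:
        reason = match_file(path, md5)
        if reason:
            findings.append(("file", path, reason))
    for key, name, data in regs:
        reason = match_registry(key, name, data)
        if reason:
            findings.append(("registry", f"{key}\\{name}" if name else key, reason))
    return findings

# Constructed sample records for demonstration; not taken from a real host.
SAMPLE_FILES = [
    (r"C:\Users\alice\AppData\Roaming\Protector-qzxp.exe", "9f05820de768ce99a6ba71d0c567740e"),
    (r"C:\Users\alice\AppData\Roaming\NPSWF32.dll", None),
    (r"C:\Users\alice\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Windows Pro Web Helper.lnk", None),
    (r"C:\Program Files\Common Files\Protector-abcd.exe", None),  # wrong location: no match
    (r"C:\Windows\System32\Macromed\Flash\NPSWF32.dll", None),    # legitimate Flash: no match
]
SAMPLE_REGS = [
    (HKCU_CV + r"\Run", "Inspector", r"C:\Users\alice\AppData\Roaming\Protector-qzxp.exe"),
    (IFEO + r"\abcdef.exe", "Debugger", r"C:\Users\alice\AppData\Roaming\Protector-qzxp.exe"),
    (HKCU_CV + r"\Internet Settings", "WarnOnHTTPSToHTTPRedirect", "0"),
    (HKCU_CV + r"\Policies\System", "DisableTaskMgr", "0"),
    (HKCU_CV + r"\Run", "OneDrive", r"C:\Users\alice\AppData\Local\Microsoft\OneDrive\OneDrive.exe"),  # benign
]

if __name__ == "__main__":
    for kind, evidence, reason in scan(SAMPLE_FILES, SAMPLE_REGS):
        print(f"[{kind}] {evidence}\n    {reason}")
```

Run against the constructed records, the script flags the hashed Protector sample, the dropped NPSWF32.dll and the Start Menu shortcut, plus the Run, IFEO, Internet Settings and policy entries, while leaving the Flash plug-in in its normal location, the Protector-named file outside %AppData% and the unrelated Run value alone. Matching on the drop location rather than on the filename is what keeps the NPSWF32.dll rule from firing on every machine with Flash installed.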
