Windows Safe Mode
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
|Threat Level:||100 % (High)|
|First Seen:||March 18, 2011|
|Last Seen:||January 8, 2020|
There is some nasty new malware out on the Internet that calls itself Windows Safe Mode. This name is intended to confuse people, because Windows does have a mode called Safe Mode, which is a perfectly useful, harmless thing. However, the malware Windows Safe Mode is something else entirely. What's the easiest way to tell them apart? The real Windows Safe Mode is not something that does scans or generates alerts, and you don't have to pay money to obtain it.
Table of Contents
Symptoms of Infection with the Malware Windows Safe Mode
Although Windows Safe Mode's family, the FakeSysDef family has been around for a while, the malware Windows Safe Mode is very new, having only recently begun to cause significant numbers of infections. So reports are still coming in about the damage that the malware does over time, but by now, we do know a few things for sure:
- The fake Windows Safe Mode is not what Windows Safe Mode claims to be. It is not a system optimization tool, because it lacks the real capability to scan for or fix anything.
- The alerts created by this malware contain glaring spelling and grammatical errors, which are strongly indicative of fake security software.
- Windows Safe Mode performs fake system scans and generates alerts, typically stating that Windows has detected some kind of hard disk error. The malware Windows Safe Mode will tell you that the error can only be fixed if you purchase its so-called "professional" software. The malware Windows Safe Mode will direct you to a payment site, take your money, and give you nothing in return.
Furthermore, there are reports of the following issues:
- The malware Windows Safe Mode is reportedly capable of causing Windows to go into a fake Safe Mode, i.e. the mode that you can boot Windows into to disable some installed programs or malware, in order to run a fake scan.
- The malware Windows Safe Mode may prevent other programs from running.
- The malware Windows Safe Mode may be capable of redirecting your web browser or preventing you from accessing the Internet at all.
The fake Windows Safe Mode installs itself on the infected computer without the user's permission, by way of a Trojan. The Trojan is usually hidden in a video codec update on a third-party website, or it is bundled in a download from a file sharing service. The Trojan responsible for the fake Windows Safe Mode may also be downloaded by visiting a fake 'free system scan' type website. Once the Trojan is downloaded, it takes care of setting up the malware Windows Safe Mode on the affected computer.
Differences Between the Malware Windows Safe Mode and the Actual Windows Safe Mode
Remember that this fake Windows Safe Mode is not a Windows product or a Microsoft product, and it has no association to the real Safe Mode that Windows includes. Furthermore, the fake Windows Safe Mode does not even resemble the real Safe Mode, since the real Windows Safe Mode is a mode that Windows boots into, not a program that handles hard drive errors. The real Windows Safe Mode is included in Windows by default, and it does not amount any extra money. There is no good reason for anything called Windows Safe Mode to ask you to pay for its service.
The many clones of Windows Safe Mode include System Defragmenter, Ultra Defragger, HDD Control, Win HDD, Win Defrag, Win Defragmenter, Disk Doctor, Hard Drive Diagnostic, HDD Diagnostic, HDD Plus, HDD Repair, HDD Rescue, Smart HDD, Defragmenter, HDD Tools, Disk Repair, Windows Optimization Center, Scanner, HDD Low, Hdd Fix.
SpyHunter Detects & Remove Windows Safe Mode
File System Details
Detections: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.