Windows Safety Tweaker
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 1 |
| First Seen: | March 12, 2012 |
| OS(es) Affected: | Windows |
Windows Safety Tweaker is part of a huge family of rogue security programs named FakeVimes. This is because the many different versions of Windows Safety Tweaker are all caused by different versions of the same Trojan infection, which Microsoft identifies as . Windows Safety Tweaker's family of malware has been around in different versions since at least 2009. Since the basic core of these rogue security programs has remained unaltered since that date, removing Windows Safety Tweaker and its clones should not be particularly difficult for most reliable security programs.
Some examples of the numerous clones of Windows Safety Tweaker are
However, most of the time Windows Safety Tweaker will not be the most dangerous problem on the victim's computer. ESG malware analysts have received reports of clones of Windows Safety Tweaker that are bundled along with dangerous rootkit infections like ZeroAccess or Alueron, along with a host of browser hijackers and backdoor Trojans which form a multi-component malware attack on the victim's computer on multiple fronts. ESG malware analysts recommend maintaining your security software always updated so it will be able to find the latest versions of baddies associated with Windows Safety Tweaker. It may be necessary to use a rootkit-removal tool for some instances of Windows Safety Tweaker infection, as well as having to start up the infected computer in Safe Mode or from an external drive.
Table of Contents
How Windows Safety Tweaker and Its Clones Try to Steal Your Money
ESG malware researchers have detected hundreds of different fake error messages and misleading screens used by Windows Safety Tweaker and its clones. Basically, when Windows Safety Tweaker is installed, Windows Safety Tweaker makes changes to the Windows Registry which allows Windows Safety Tweaker to display highly-authentic error messages that make you believe are from the infected computer system. Malware in the FakeVimes family of rogue security programs is characterized by the use of highly-convincing error messages and professional-looking interfaces and fake scans. The point of these is to attempt to convince the victim that they should purchase Windows Safety Tweaker, handing over their credit card information. At the least, this can lead to having your money stolen, although giving over your credit card information is also dangerous because it can become identity theft or credit card fraud.
SpyHunter Detects & Remove Windows Safety Tweaker
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | Protector-auc.exe | fdf57ae55c49b17c21acbfe45809ca21 | 1 |
| 2. | %AppData%\Protector-[RANDOM 3 CHARACTERS].exe | ||
| 3. | %AppData%\NPSWF32.dll | ||
| 4. | %AppData%\result.db | ||
| 5. | %Desktop%\Windows Safety Tweaker.lnk | ||
| 6. | %CommonStartMenu%\Programs\Windows Safety Tweaker.lnk |
Registry Details
Messages
The following messages associated with Windows Safety Tweaker were found:
|
Error
Attempt to run a potentially dangerous script detected. Full system scan is a highly recommended. |
|
Error
Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan. |
|
Error
Software without a digital signature detected. Your system files are at risk. We strongly advise you to activate your protection. |
|
Torrent Alert
Recomended: Please use secure encrypted protocol for torrent links. Torrent link detected! Receiving this notification means that you have violated the copyright laws. Using Torrent for downloading movies and licensed software shall be prosecuted and you may be sued for cybercrime and breach of law under the SOPA legislation. Please register your copy of the AV to activate anonymous data transfer protocol through the torrent link. |
|
Warning
Firewall has blocked a program from accessing the Internet. Windows Media Player Resources C:Windowssystem32dllcachewmploc.dll C:Windowssystem32dllcachewmploc.dll is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server. |
