Windows Secure Workstation
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Threat Level: | 100 % (High) |
Infected Computers: | 3 |
First Seen: | August 13, 2012 |
Last Seen: | January 8, 2020 |
OS(es) Affected: | Windows |
Despite the fact that Windows Secure Workstation resembles a real security application, ESG malware researchers consider that Windows Secure Workstation is part of a well-known malware threat. Criminals use fake security programs like Windows Secure Workstation to convince computer users to purchase expensive, useless bogus security upgrades. Windows Secure Workstation is part of a very well known family of malware known as FakeVimes. Windows Secure Workstation poses a threat to your computer and should be deleted with the help of a strong, full-updated anti-malware utility.
Table of Contents
The Windows Secure Workstation Attack and the FakeVimes Family of Malware
Continuously, since 2009, criminals have added new fake security programs to the FakeVimes family. Due to the fact that this family of malware has been around so long, most security programs usually have no problems removing these bogus security programs. However, starting in 2012 criminals started to bundle versions of the ZeroAccess rootkit with malware belonging to the FakeVimes family of malware. The rootkit component makes Windows Secure Workstation and other recent clones of this fake security program more difficult to detect or remove than ever before. Examples of clones of Windows Secure Workstation include programs with names such as Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst. Because of the rootkit component mentioned above, an anti-rootkit tool may be needed to remove Windows Secure Workstation and its clones.
Taking a Look at the Windows Secure Workstation Scam
Criminals profit from the Windows Secure Workstation scam by convincing the victim that they need to upgrade this fake security program to an expensive 'full version.' To do this, Windows Secure Workstation is designed to cause numerous problems on the victim's computer, including poor system performance, browser redirects and problems accessing files. Windows Secure Workstation is also designed to harass victims with numerous fake error messages, including fake system alerts and bogus notifications from the Task Bar. Despite the fact that Windows Secure Workstation claims that the victim's computer is severely infected with numerous viruses or Trojans, ESG malware analysts recommend avoiding Windows Secure Workstation's supposed 'upgrade'. Since Windows Secure Workstation's 'full version' doesn't have any way of detecting or removing malware, purchasing this malicious, bogus security application is definitely not a good idea.
The registration code 0W000-000B0-00T00-E0020 has been effective in the treatment of other FakeVimes-related infections. However, 'registering' this fake security program will not remove Windows Secure Workstation from your computer. To do that, it will still be necessary to use a reliable anti-malware tool.
SpyHunter Detects & Remove Windows Secure Workstation
Windows Secure Workstation Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
# | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|---|
1. | Protector-ytky.exe | 89d2b47749a39d5f29d96f38138e2f20 | 1 |
2. | %AppData%\Protector-[RANDOM CHARACTERS].exe |