Windows Smart Partner
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 100 % (High) |
| Infected Computers: | 5 |
| First Seen: | February 21, 2012 |
| OS(es) Affected: | Windows |
Windows Smart Partner Image
Do not be fooled by Windows Smart Partner's appearance; this application is a rogue security program. This means that Windows Smart Partner is part of a common online scam in which criminals attempt to convince inexperienced computer users to buy fake security applications. Malware in the FakeVimes family of fake security programs uses a graphic user interface that is quite similar to the one used by Microsoft Security Essentials, a legitimate Windows anti-virus tool. However, there is little in common between Windows Smart Partner and Microsoft Security Essentials beyond their graphic interface. This is because, according to ESG security researchers, Windows Smart Partner has absolutely no way to scan your hard drive for malware or remove a malware infection. In fact, Windows Smart Partner is a kind of malware infection itself.
To remove Windows Smart Partner from your computer, ESG malware analysts recommend the utilization of a good anti-malware program. While manual removal of Windows Smart Partner is certainly possible, malware tends to attack in groups, and it may be difficult for non-expert computer users to remove all malware from their computer manually. It is also important to be aware that a Windows Smart Partner infection will usually indicate that other malware is present on the victim's computer system, especially since Windows Smart Partner will usually be installed on the victim's computer with the help of a Trojan downloader or dropper. Malware in Windows Smart Partner's family of rogue security programs is commonly acquired from Trojans disguised as video codecs, which are usually found in shady pornographic websites or on pirated movies.
Table of Contents
How Criminals Attempt to Steal Their Victim’s Money Using Windows Smart Partner
There are dozens of versions of Windows Smart Partner with names such as Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.
All of these carry out the same attack. Basically, they take over the infected operating system and spam the victim with constant fake error messages claiming the presence of various viruses and malware infections. However, instead of removing it, Windows Smart Partner will claim that a 'full version' of this fake security program has to be purchased. Upon start-up, Windows Smart Partner will also launch a fake scan of the victim's hard drive and then display a fabricated scan report alleging that the system is severely infected. Any attempt to fix these problems with Windows Smart Partner will result in being directed to a web page asking for the victim's credit card information.
SpyHunter Detects & Remove Windows Smart Partner
Windows Smart Partner Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
| # | File Name | MD5 |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|---|
| 1. | Protector-dpq.exe | 0aeeb43fbdbee93d9e58538915356df4 | 1 |
| 2. | Protector-yqm.exe | 9710b043bc34857a7401d514994cdd60 | 1 |
| 3. | Protector-mwa.exe | 631c08b69ae506ae0beed7499a300d3c | 1 |
| 4. | Protector-gjb.exe | 85525f26b10ca75f4e01e5597bc7c751 | 1 |
| 5. | Protector-pco.exe | 877d99d940b6b4a52a6c21ac637db97e | 1 |
| 6. | %AppData%\NPSWF32.dll | ||
| 7. | %AppData%\Protector-{RANDOM CHARACTERS}.exe | ||
| 8. | %CommonPrograms%\Windows Smart Partner.lnk | ||
| 9. | %AppData%\result.db | ||
| 10. | %DesktopDir%\Windows Smart Partner.lnk | ||
| 11. | %StartMenu%\Programs\Windows Smart Partner.lnk |
Registry Details
Messages
The following messages associated with Windows Smart Partner were found:
|
Error
Keylogger activity detected. System information security is at risk. It is recommended to activate protection and run a full system scan. |
|
Error
Potential malware detected. It is recommended to activate protection and perform a thorough system scan to remove the malware. |
|
Error
Software without a digital signature detected. Your system files are at risk. We strongly advise you to activate your protection. |
|
Warning
Firewall has blocked a program from accessing the Internet. Windows Media Player Resources C:\Windows\system32\dllcache\wmploc.dll C:\Windows\system32\dllcache\wmploc.dll is suspected to have infected your PC. This type of virus intercepts entered data and transmits them to a remote server. |
|
Warning! Virus Detected
Threat detected: FTP Server Infected file: C:\Windows\System32\dllcache\wmploc.dll |
