Windows Software Saver
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
Ranking: | 10,199 |
Threat Level: | 20 % (Normal) |
Infected Computers: | 8,892 |
First Seen: | March 24, 2012 |
Last Seen: | September 11, 2023 |
OS(es) Affected: | Windows |
Windows Software Saver is a rogue anti-virus program in the FakeVimes family of malware. Windows Software Saver is part of a large batch of FakeVimes clones responsible for numerous infections in the first months of 2012. The FakeVimes family has been around for a couple of years and usually its rogue anti-virus programs are not a particularly difficult problem for most anti-virus programs. This is because PC security researchers have had plenty of time to study these malware threats and adapt to them.
However, the main danger associated with Windows Software Saver is the fact that this recent batch of malware tends to be bundled with a rootkit component. Windows Software Saver, like most FakeVimes-type programs, tends to use file names made up of three random characters. In the case of Windows Software Saver, these three random characters are preceded with the "inspector-" string (for example, the file names would look something like "inspector-xxx.exe"), located in the system folder. If you find that your computer system has become the victim of a Windows Software Saver infection, ESG malware analysts strongly recommend using a reliable anti-virus program with anti-rootkit technology to drive it out of your hard drive.
Table of Contents
How Windows Software Saver and Its Clones Try To Steal Your Money
Windows Software Saver has dozens of clones, including such fake anti-virus programs as Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.
Windows Software Saver and its clones all work in the same way, infecting a computer system and attempting to make the victim believe that their computer is the target of a severe malware attack. In fact, this is only half a lie. While the victim's computer is, in fact, being attacked with dangerous malware, the malware infection is actually composed of Windows Software Saver itself, along with several other associated malicious files that allow it to infect a computer system more effectively.
The goal of a Windows Software Saver infection is to convince the victim that they must purchase a "full version" of Windows Software Saver, which is no different from the initial version of this rogue security program. To carry out its scam, Windows Software Saver makes changes to the Windows Registry and system settings that allow Windows Software Saver to start up automatically with windows and display constant, irritating, error messages and fake system alerts claiming constantly that the victim's computer is severely infected.
Windows Software Saver Video
Tip: Turn your sound ON and watch the video in Full Screen mode.
File System Details
# | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
---|---|---|
1. | %AppData%Protector-[RANDOM 3 CHARACTERS].exe | |
2. | %AppData%NPSWF32.dll | |
3. | %Desktop%Windows Software Saver.lnk | |
4. | %CommonStartMenu%ProgramsWindows Software Saver.lnk | |
5. | %AppData% esult.db |
Registry Details
URLs
Windows Software Saver may call the following URLs:
discussmercurydifferently.com |