Vista Guardian

March 9th, 2010

Vista Guardian is a rogue anti-spyware program which usually spreads via trojan. This fake application installs to user’s computer without their knowledge. Once your PC is started the parasite starts its fraudulent scans.

As a result of those scans you will see fake warnings which malware floods on your computer’s desktop. This is all scam and you don’t need to pay attention to it. In this way Vista Guardian tries trick you into purchasing supposedly legal security tool. Malware hijacks your browser to the website which advertises “full” version of fake anti-spyware program. Instead of paying money for this fake security tool use decent anti-spyware tool and remove the parasite from your computer.

Posted in Rogue Antispyware

Tags:

CleanUp Antivirus

March 8th, 2010

CleanUp Antivirus is another rogue security tool, which is a clone of Security Antivirus malware. The parasite installs to user’s computer without any preliminary notice. At this point it will not ever ask for your approval before installing into your system. What is more it spreads with a help of trojan horse, which enters the system through its vulnerable places. Once this scamware successfully downloads onto user’s computer, it adds a number of files which are later ‘found’ by CleanUp Antivirus and labeled infections.

If you noticed that your computer started to work slower, or it is scanned by unknown security tool which looks like legal, or your browser homepage is hijacked to a site which advertises CleanUp Antivirus, or you keep getting security alerts that your PC is infected, you have to pay attention to these features, because it is a sign your computer might have an infection. However, do not purchase fake CleanUp Antivirus, because it is not a real security tool. Warnings you are getting are fabricated and you are safe to ignore it. Use a reputable anti-spyware program and terminate malware as soon as possible.

Posted in Rogue Antispyware

Tags:

XP Antispyware 2010

March 5th, 2010

XP Antispyware 2010 is dangerous rogue security program. It’s not a spyware remover as you may think after reading its name; XPAntispyware 2010 is a fraud and a malware. It is distributed via misleading online advertisements and it also spreads with help of trojans.

XP Antispyware 2010 demands purchasing the program for deleting threats found on victim’s computer. The tool only “detects” imaginary infections so the only thing user should be worried about is XPAntispyware2010 itself. The program blocks real security applications. It also hijacks web browser and interrupts web surfing.

XP Antispyware 2010 displays numerous falsified security notifications to trick people into buying the fake program. Here are some of the fabricated alerts:

XP Antispyware 2010 Firewall Alert
XP Antispyware 2010 has blocked a program from accessing the internet
Internet Explorer is infected with Trojan-BNK.Win32.Keylogger.gen
Private data can be stolen by third parties, including credit card details and passwords.
Windows recommend Activate XP Antispyware 2010
Click “Yes, Activate…” to register your copy of XP Antispyware 2010 and perform threat removal on your system.

XP Antispyware 2010 – Unregistered Version
Attention: DANGER!
ALERT! System scan for spyware, adware, trojans and viruses is complete. XP Antispyware 2010 detected 28 critical system objects. These security breaches may be exploited and lead to the following:
! Your system becomes a target for spam and bulky, intruding ads
! Browser crashes frequently and web access speed decreases
! Your personalfiles, photos, document and passwords get stolen
! Your computer is used for criminal activity behind your back
! Bank details and credit card information gets disclosed
Click REGISTER to register your copy of XP Antispyware 2010 and perform threat removal on your system. The list of infections and vulnerabilities detected will become available after registration.

Posted in Rogue Antispyware

Tags:

TrustWarrior

September 18th, 2009

TrustWarrior is a rogue program from SoftSafeness, SafetyKeeper, QuickHealCleaner, BlockDefense, SystemCop and some other rogues family. Trust Warrior serves the purpose of convincing the user that heir computer is full of infections, when the only real security threat is TrustWarrior itself. Trust Warrior may hijack web browser and redirect user to malicious websites or fraudulent web searches results. It also slows a system down.

TrustWarrior removal help
TrustWarrior scam
Remove TrustWarrior

Posted in Rogue Antispyware

Tags:

Windows PC Defender

September 18th, 2009

windows pc defender

Windows PC Defender is a fraudulent program trying to gain a purchase by presenting itself as part of Windows operating system. The look of this fraud is a copy of Windows Defender, the legitimate anti-spyware tool.

WindowsPC Defender usually infects the system when a corrupt website is visited and the program is downloaded and installed by trojans without making any notice to the user.

Windows PC Defender is a clone of OmegaAntivir, Windows Additional Guard, Windows Guard Pro, Ultimate System Guard family fake programs

Windows PC Defender removal help
Windows PC Defender Rogue
Windows PC Defender Removal Guide

Posted in Rogue Antispyware

Tags:

Koobface worm is back

July 21st, 2009

Koobface is dangeroud worm which spreads via social networks. It was attacking facebook.com, bebo.com, myyearbook.com, blackplanet.com, myspace.com, friendster.com users. It’s back now and Twitter users can experience the problem too.

Koobface infects a profile and sends a message to all friends via social network messaging system linking to a fake video. Whoever gets interested in the movie clip, he/she is urged to update Flash player. The update is actually a copy of Koobface worm. The link leads to a fraudulent website which offers downloading either a video codec or Flash player update. If user downloads the file, he/she gets a copy of Koobface worm onto computer.

Read more about Koobface:

Posted in Worm

Tags:

Secure Antivirus Pro

May 25th, 2009

secure-antivirus-pro

Secure Antivirus Pro enters the system through Zlob or Vundo trojans and installs its ‘trial version’ without the user’s permission. It then stars loading fake security warning messages and pretends to perform security scans and find various infections and parasites.

Secure Antivirus Pro imitates to scan your computer and displays fake reports and messages, such as:

“It seems that your computer is infected with W32:Virut virus. This threat has been designed to steal money, Internet accounts, send massive amounts of spam, and commit various kinds of fraud.
It is recommended that you remove this threat immediately to avoid participating in criminal activity.
Do you want to remove Virut now?”

Secure Antivirus Pro is just a scam, which tries to fool you into buying its non-existing full version.

Posted in Rogue Antispyware

Tags:

Presto TuneUp

May 25th, 2009

Presto TuneUp is a rogue anti-spyware application programmed to trick the unsuspecting user into purchasing the useless Presto TuneUp software. This malicious program is the successor of the other infamous malware application Virus Doctor. Presto TuneUp is installed into your computer by Vundo Trojan or other system parasites that get into the system if it does not have a proper security software.

presto-tuneup-total-doctor

Presto TuneUp Total Doctor is a fake system security program, which does nothing but perform fake computer scans in search for viruses and display false warning massages about system threats and infections. None of this is real.

Posted in Rogue Antispyware

Tags:

Conficker.C (Conficker C)

April 7th, 2009

Conficker worm disables security applications and blocks many security related websites. This feature alone is quite dangerous because compromised machine becomes vulnerable for various cyber attacks. However, the main goal of the worm is to join computers into a giant botnet. Since a machine infected with Conficker is unprotected, it can be infected with other malwares. This can lead to stolen information and other problems. Zombie networks are usually employed to do different jobs: they might be used to send spam, to do DDoS attacks and to cause similar troubles. Once a computer is infected with Downadup a.k.a. Conficker, it can be used for all these things any time.

Click here to remove Conficker manually.

Click here to remove Conficker B++ manually.

Click here to remove Conficker.C a.k.a. w32.Downadup.C manually.

Conficker.C is distributed very effectively through the local networks and removable memory. If your computer belongs to any local network, your chances to be infected are increasing in direct proportion to the number of computers in that network.  That is to say that Conficker.C, unlike adware, is hardly detectable without special program, and Conficker.C removal may be problematic, because the program may replicate itself and hide the copies at various locations. It is rather possible to assess your chances to be infected, but not to detect Conficker.C.
However, the trojan presence may be established, if the trojan has already hijacked the browser and blocked all the websites and / or disabled legitimate programs, especially security tools, and / or disabled Windows Installer so that you cannot install new programs, hence you cannot install any antivirus as well.

Conficker.C, aka Worm:Win32/Conficker.D, W32/Confick-G, and Trojan.Win32.Pakes.ngs, is a brand new modified version of the horrible Conficker worm which caused PC users’ lots of headaches since being spotted in late 2008. Conficker.C is scheduled to attack on April 1st. Conficker.C will have the ability to perform many damaging acts to your computer. It will try to disable your Windows Automatic Update and stop you from accessing Windows Security Center. Conficker.C will prevent you from restarting in Safe Mode and delete all your system restore points.

Security experts have discovered a security hole within the coding that commands Conficker Worm. This discovery may be the light at the end of the tunnel for those who worry that Conficker.C may be a devastating and an uncontrollable worm infection, infecting millions of computers all over the world. You may ask, what is this special discovery and how will it ease the worry of Conficker.C?

The new discovery, that could make it easier to isolate Conficker infected systems, is not being heavily emphasized because it could give criminals a way to secretly hijack millions of computers. Security researchers and even the Conficker Cabal, a group of anti-worm researchers, are aware that exploiting too much information about discovered lapses or vulnerabilities within the Conficker coding could give the creators or hackers a new alternative to making Conficker or a newer worm infection even more devastating.

Posted in Worm

Tags:

General Antivirus (GeneralAntivirus)

March 23rd, 2009

General Antivirus is a clone of the infamous InternetAntivirus Pro fraud (learn more about Internet Antivirus Pro malware). General Antivirus offers deleting computer threats after user pays for keeping the tool. The program isn’t capable of scanning a computer; it only fabricates scan reports to trick people into paying money.

These are the most common falsified alerts loaded by General Antivirus scam:

“General Antivirus has probably found malicious software that might harm your computer and compromised your privacy.

generalantivirus

General Antivirus is latest rename of Spyware Guard 2009, Internet Antivirus Plus and Antivirus 36o. As we can see the names become more generic each day to give virus  manufacturers more freedom of confusing victims. Of couse, you can promote such fake remover like General Antivirus  without help of trojans planted in user system.

There are several signs that you are infected with General Antivirus, including fake windows security center (havent we seen that many times before? ), fake windows alerts stating that your computer is under attack or that you are infected by a parasite and random messages in Internet Explorer. They have lots of imagination at naming alerts too: some of General antivirus alerts are from “firewall”, some “Infiltration Alerts” are labeled as generated by windows system itself, or Internet Explorer. Of couse, all these are fakes, though inexperienced user might not see the difference.

General Antivirus (GeneralAntivirus) represents the achievements of rascals united in the group named Innovagest. The group also develops and promotes other fake security tools. The most notorious names among them are Internet Antivirus Pro and Alfa Cleaner. General Antivirus is adverted through the promo-version and fake online scanners. The online scanner is a primitive show with few interactive elements and popping-up alerts which aim is to mislead user into buying General Antivirus or installing the full version. The trialware may be downloaded and installed manually or automatically in the secret mode by trojan that had to be previously downloaded. The consequences of General Antivirus activities, both of its trial and full version, are unlikely to please you. General Antivirus slow computer down as it runs its scans and generate alerts by its own initiative, and that create shortage of available system resources and interferes with other active programs.

The malware creators did not want to leave us alone. They launched a new attack on the Internet, with this new malware called General Antivirus. General Antivirus is also known as GeneralAntivirus. General Antivirus normally comes up after you visited some malicious websites, or installed a video codec that come with Trojan, malware and virus. General Antivirus usually generates fake and misleading system error messages. The purpose of General Antivirus is to trick innocent web surfers into purchasing General Antivirus. Please be alerted with General Antivirus.

Posted in Rogue Antispyware

Tags: