Friday, July 31, 2009

Smart Protector

Smart Protector

Thanks to S!Ri

Smart Protector is new rogue security application from the System Guard 2009 rogue family.

Screnshot of Smart Protector application

Screenshot of Smart Protector website


Installing Smart Protector does not detect anything on the system as the scanner database is empty.

When we replaced the files with its predecessor scanner database file the rogue came alive with its true colors.




Smart Protector removal instructions here

Bharath M N

Tuesday, July 28, 2009

Privacy Center

Privacy Center

Thanks to S!Ri

A new variant of Privacy Center rogue is making its rounds. The new variant is a combination of old Privacy Center and Secret Service

Screnshot of Privacy Center application




Bharath M N

Monday, July 27, 2009

Windows Antivirus Pro

Windows Antivirus Pro

Windows Antivirus Pro is a new rogue security application. This one is a new nasty clone from the ASC-AntiSpyware rogue family.

Windows Antivirus Pro rogue is distributed through fake code infection.

Screnshot of Windows Antivirus Pro application


They also place the following malicious BHO which displays annoying popups luring users to purchase the rogue security application.
O2 - BHO: ICQSys (IE PlugIn) - {F54AF7DE-6038-4026-8433-CC30E3F17212} - C:\WINDOWS\system32\dddesot.dll



The rogue also hijacks the desktop displaying the following warning message.

Due to the ransomware behavior of the rogue its much more difficult to remove the infection.

Try out the steps mentioned by Grinler on Bleepingcomputer to remove Windows Antivirus Pro infection.

Bharath M N

Sunday, July 26, 2009

AVCare

AVCare

AVCare is a new rogue security applications. The Rogue uses fake/scare scanner pages to lure the users into downloading this rogue security application.

Fake/Scare scan page used by AVCare


Screnshot of AVCare application




AVCare removal instructions here

Bharath M N

Wednesday, July 22, 2009

Powered by Ctrl+C N Driven by Ctrl+V

Powered by Ctrl+C N Driven by Ctrl+V

We have seen lot of rogue security application using the same code and almost similar tactics to scam the users.

Lately we saw XP Deluxe Protector rogue security application using an old fake/scare scanner template which was extensively used by the Antivirus 2008 rogue variants in early 2008.

Screenshot of classic Scare/Fake scan page template used by XP Deluxe Protector

The installer pushed by the fake scanner page then displays a fake Windows Security Alert which further downloads and installs XP Deluxe Protector rogue security application

Site involved:
Antispy2009 net
Downloadsoftwareserver3 com
Xp-deluxeprotector com


Bharath M N

Tuesday, July 21, 2009

Security Mechanic

Security Mechanic

Security Mechanic is a new rogue security application. This one is a clone of Spy Protector rogue security application.

Screnshot of Security Mechanic application

Fake/Scare scan page used by Security Mechanic


Security Mechanic removal instructions here

Bharath M N

Saturday, July 18, 2009

Home Antivirus 2010

Home Antivirus 2010

Home Antivirus 2010 is a new rogue security application distributed through Trojan-Downloader.braviax infection.

Home Antivirus 2010 is a clone of WinReanimator rogue security application.

Screnshot of Home Antivirus 2010 application



They also have left the traces of WinTechProtection LTD in the main executable file!

Some of the sites used by this rogue:

Home-av-2010 com
Home-av2010 com
Homeav2010 com
Home-anti-virus-2010 com
Homeantivirus2010 com
Home-antivirus2010 com
Homeanti-virus-2010 com
Home-anti-virus2010 com
Home-anti-virus-2010 com
Homeanti-virus2010 com
Homeantivirus-2010 com
Home-antivirus-2010 com

Home Antivirus 2010
removal instructions here

Bharath M N

Saturday, July 11, 2009

Fake Microsoft Windows Malicious Software Removal Tool

Fake Microsoft Windows Malicious Software Removal Tool

Thanks to RogueWatch

Screnshot of Fake MSRT





More information on CA blog

Bharath M N

Secret Service

Secret Service

Thanks to S!Ri

Secret Service is a new rogue Security application.

Screnshot of Fake Security Center


Bharath M N

Friday, July 10, 2009

WiniFighter

WiniFighter

WiniFighter is a new rogue security application. This is a clone of WiniGuard rogue security application.


Screenshot of WiniFighter application


WiniFighter removal instructions here

Bharath M N

Smart Defender Pro

Smart Defender Pro

Thanks to S!Ri

Smart Defender Pro is a new member of WinSpywareProtect family of rogue security applications.

Screenshot of Smart Defender Pro application


Smart Defender Pro removal instructions here

Bharath M N

Thursday, July 9, 2009

PC Security 2009

PC Security 2009

PC Security 2009 is a new rogue security application and a clone of WinReanimator

Screnshot of PC Security 2009 application
This Fiamily of rogue security applications are usually pused through Trojan-Downloader.braviax infection.


Screnshot of Fake Security Center


PC Security 2009 removal instructions here

Bharath M N

Tuesday, July 7, 2009

Security Central

Security Central

Thanks to MAK

Security Central is new rogue security application and a clone of Spyware Protect 2009.

Screenshot of Security Central application


Security Central replaces Barracuda Antivirus rogue security application


Bharath M N

Windows Security Suite

Windows Security Suite

Windows Security Suite is the new rogue security application from Virusdoctor rogue family.

Screenshot of Windows Security Suite rogue security application


Windows Security Suite removal instructions here

Bharath M N

Wednesday, July 1, 2009

Barracuda Antivirus

Barracuda Antivirus

Thanks to MAK

Barracuda Antivirus is new rogue security application and a clone of Spyware Protect 2009.

Screenshot of Barracuda Antivirus application


Bharath M N

AntivirusBest

AntivirusBest

Thanks to S!Ri

AntivirusBest is yet another rogue security application from SpywareNo\ SpySheriff Family of rogue security application.

Screenshot of AntivirusBest rogue security application


AntivirusBest removal instructions here

Bharath M N