Saturday, August 29, 2009

BlockDefense

BlockDefense

BlockDefense is a new rogue security application from WiniGuard family.

Thanks to S!Ri for the Screeny and keeping track of all the new clones from this family


Stay away from this rogue family.

Bharath M N

Friday, August 28, 2009

Spywaresignatures.com

Spywaresignatures.com

Spywaresignatures seems to compromised!

This is Ugly and currently Fakealert trojan is being pushed!

Google warns about this site!


Stay away from this site till this is sorted out.

Bharath M N

Thursday, August 27, 2009

Safety Center

Safety Center

Thanks to S!Ri

Safety Center is a new rogue security application and a clone of Privacy Center

Screenshot of Safety Center displayed on Bleepingcomputer.com


Safety Center removal instructions here

Bharath M N

SaveDefense

SaveDefense

SaveDefense is yet another rogue from the ever lasting list of WiniGuard clones. Lately we have seen many rogues from this family.

Thanks to S!Ri for the Screeny


SaveDefense removal instructions here

Bharath M N

Tuesday, August 25, 2009

TrustNinja

TrustNinja

TrustNinja is yet another clone of WiniGuard rogue security application.

Thanks to Jaxryley @ Malwarebytes for the Screeny

Screenshot of TrustNinja application


TrustNinja removal instructions here

Bharath M N

Saturday, August 22, 2009

SaveSoldier

SaveSoldier

SaveSoldier is yet another clone of WiniGuard rogue security application.

Screenshot of SaveSoldier application


Fake/Scare Scanner page used by SaveSoldier



SaveSoldier removal instructions here

Bharath M N

Wednesday, August 19, 2009

Computer Defender 2009

Computer Defender 2009

Thanks to S!Ri

Computer Defender 2009 is a new member of WinSpywareProtect family of rogue security applications.

Screenshot of Computer Defender 2009 application on S!Ri's blog


Computer Defender 2009 removal instructions here

Bharath M N

Smart Virus Eliminator

Smart Virus Eliminator

Thanks to Grinler


Smart Virus Eliminator is the new rogue security application from Virusdoctor rogue family.



Smart Virus Eliminator removal instructions here

Bharath M N

Sunday, August 16, 2009

SaveKeep

SaveKeep

SaveKeep is a new rogue security application. This is a clone of WiniGuard rogue security application.

Screenshot of SaveKeep splash screen


Screenshot of SaveKeep application


Screenshot of fake Security center



Screenshot of alerts displayed by Trojan


We have seen the generic code/empty project template that this gang use. They just rename the project and a new rogue is ready to scam unsuspecting users.

They have also made generic video tutorials on how to install and register this rogue.

SaveKeep removal instructions here

Stay away from this rogue family.

Bharath M N

Saturday, August 15, 2009

Total Security

Total Security

Thanks to MAK

Total Security is new rogue security application and a clone of System Security.

Screenshot of Total Security application


Screenshot of Total Security homepage


Screenshot of various alerts displayed Total Security application



Bharath M N

Wednesday, August 12, 2009

Windows Protection Suite

Windows Protection Suite



Thanks to S!Ri

Windows Protection Suite is the new cloned rogue security application from Virusdoctor rogue family.




Screenshot of Windows Protection Suite application from S!Ri blog



Bharath M N

Tuesday, August 11, 2009

Winishield

Winishield

Thanks to S!Ri

Winishield is a new rogue security application. This is a clone of WiniGuard rogue security application.

Screenshot of Winishield application


Winishield removal instructions here

Bharath M N

Monday, August 10, 2009

Antispy Protector 2009

Antispy Protector 2009

Thanks to S!Ri

Antispy Protector 2009 is a new member of WinSpywareProtect family of rogue security applications.

Screenshot of Antispy Protector 2009 application


Bharath M N

Saturday, August 8, 2009

All for One!

All for One!

While checking the different sites used by WiniFighter rogue campaign, we observed that this rogue uses many fake/scare scanner page templates which is/was used by different family of rogue security applications.

On one particular site we found 15 different fake/scare scanner pages.

Template 1:



Template 2:



Template 3:



Template 4:




Template 5:



Template 6:



Template 7:




Template 8:




Template 9:



Template 10:



Template 11:



Template 12:




Template 13: The Classic BSOD which is used by many rogue security applications. recent reports here and here




Template 14:




Template 15: This uses a look alike of KOS and more info
here

The download from this site displays Fake Windows Security center page and fake Security center alerts to lure users into purchasing
WiniFighter rogue application.




Bharath M N