Thursday, February 25, 2010

Virus Protector

Virus Protector is the first fourth-generation rogue from the WiniGuard rogue family.

The rogue creates fake files which it picks up later in the scan to scare users into thinking that their system is infected.

Screenshot of Virus Protector splash screen


Screenshot of Virus Protector application


Screenshot of warning message displayed by Virus Protector application



Virus Protector removal instructions here

Bharath M N

PC Defender

PC Defender is another program that needs to be added to the list of existing rogue security applications.

PC Defender comes disguised as a codec update needed to view online porn videos.

Screenshot of PC Defender application



PC Defender removal instructions here

Bharath M N

Antimalware Doctor

Antimalware Doctor is another rogue security application that needs to be avoided.

Screenshot of Antimalware Doctor application



Antimalware Doctor removal instructions here

Bharath M N

Friday, February 19, 2010

Personal Anti Malware

Personal Anti Malware is a new rogue security application which replaces Antivirus'09.

Series of screenshots from Personal Anti Malware installation through to completion of its fake scan.


Take a look at the Personal Anti Malware application screenshot: the rogue actually detects its own files.




Once you register Personal Anti Malware, the rogue upgrades itself to Personal Anti Malware Center, its so-called full version.

Series of screenshots of the rogue's upgrade from Personal Anti Malware to Personal Anti Malware Center.






Does the logo of Personal Anti Malware Center look familiar?

Yes, it looks familiar to me; it's a close resemblance to SunbeltSoftware's VIPRE Antivirus logo.

Out of curiosity, we tried registering Antivirus'09 to see what this rogue upgrades to.

From the old data available, we found that once you register the Antivirus'09 rogue security application, it was designed to upgrade itself to Antivirus Protection Center.

Series of screenshots of the rogue's upgrade from Antivirus'09 to Antivirus Protection Center.





If you are looking for Personal Anti Malware removal instructions, follow this link

Bharath M N

Wednesday, February 17, 2010

Security Essentials 2010

Security Essentials 2010 is a new rogue security application. This rogue replaces the Internet Security 2010 rogue security application.

Screenshot of Security Essentials 2010 splash screen


Screenshot of Security Essentials 2010 application


Security Essentials 2010 is installed through a Trojan which comes disguised as a Flash update needed to view online porn videos. Once the Trojan springs into action, it hijacks the desktop and installs the rogue security application.

Additional popups displayed by the rogue luring users to purchase the rogue security application.





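Be careful while removing this rogue: like its predecessor, it registers an LSP (Winsock Layered Service Provider) hijack, and deleting the hijacking component without repairing the Winsock chain can break the system's network connectivity.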

Security Essentials 2010 removal instructions here

Bharath M N

Sunday, February 14, 2010

Off topic

An email that caught my attention today! Thought of sharing this email with the ones who didn't receive it ;)

Anyway, happy weekend, guys!

Bharath M N

Saturday, February 13, 2010

My Security Wall

Thanks to Miekiemoes for the heads up

Another day, and another rogue called My Security Wall comes out. My Security Wall is the latest rogue security application from the Virusdoctor rogue family.


Screenshot of My Security Wall application


My Security Wall removal instructions here

Bharath M N

Wednesday, February 10, 2010

Security Antivirus

Security Antivirus is the new rogue security application from the Virusdoctor rogue family.


Screenshot of Security Antivirus application


Security Antivirus removal instructions here

Bharath M N

Advanced Defender

Advanced Defender is a new rogue security application from the System Guard 2009 rogue family. This rogue replaces Personal Protector.

Screenshot of Advanced Defender application from S!Ri's blog


Advanced Defender removal instructions here

Bharath M N

SecurePcAv

Thanks to Patrick Jordan of SunbeltSoftware and S!Ri for the info.

SecurePcAv is the latest cloned rogue security application from the WiniGuard rogue family.

Screenshot of SecurePcAv application


SecurePcAv removal instructions here

Bharath M N

Monday, February 8, 2010

Paladin Antivirus

Paladin Antivirus is a new rogue security application from the CoreGuard Antivirus 2009 rogue family. This rogue replaces the Malware Defense rogue security application.

Screenshot of Paladin Antivirus splash screen


This rogue continues the family tradition of attacking legitimate security software. Paladin Antivirus also attempts to uninstall the same set of legitimate security software that this family targets:

  • F-Secure
  • Malwarebytes' Anti-Malware
  • NOD32
  • Agnitum
  • Avira AntiVir
  • avast!
  • AVG
  • BitDefender
  • Sophos
  • Kaspersky

Screenshot of Paladin Antivirus application


Paladin Antivirus displays more fake alert messages, which frequently push the user to purchase the rogue application.


This rogue also uses MBAM's signature database, like the other members of its family.

Paladin Antivirus removal instructions here

Bharath M N

Sunday, February 7, 2010

SafePcAv

Thanks to Patrick Jordan of SunbeltSoftware and S!Ri for the info.

SafePcAv is the latest cloned rogue security application from the WiniGuard rogue family.

Screenshot of SafePcAv application


SafePcAv removal instructions here

Bharath M N

Thursday, February 4, 2010

Your PC Protector

Your PC Protector is the new rogue security application from the ASC-AntiSpyware rogue family.

Your PC Protector has replaced Windows Police Pro and is making pretty ugly rounds infecting systems.

Screenshot of Your PC Protector application


Your PC Protector removal instructions here

Bharath M N

Wednesday, February 3, 2010

GuardWWW

Thanks to Patrick Jordan of SunbeltSoftware for the info.

GuardWWW is the latest cloned rogue security application from the WiniGuard rogue family.

Screenshot of GuardWWW application


GuardWWW removal instructions here

Bharath M N

Tuesday, February 2, 2010

Antivirus Soft

Antivirus Soft is a new rogue security application from the Spyware Protect 2009 rogue family.

Antivirus Soft replaces the Antivirus Live rogue security application.


Screenshot of Antivirus Live application


Antivirus Live removal instructions here

Bharath M N

Monday, February 1, 2010

Antimalware Defender

Thanks to Remixed for the heads up

Antimalware Defender is the new rogue security application from the Virusdoctor rogue family.

The gang has replaced the routine installation splash screen with a fake System security update window in order to trick the user into thinking that it’s a legitimate System security update.

Screenshot of the Fake System security update used by Antimalware Defender



Screenshot of Antimalware Defender application


Antimalware Defender removal instructions here

Bharath M N

The Chameleon Rogue

Special thanks to all the folks @ MBAM

Recently, our friends at MBAM discovered a new rogue security application from the Braviax rogue family.

Like a chameleon, the rogue can change the name of the application based on the system environment.

List of rogue names used by this rogue variant on Windows XP:

  • XP Guardian
  • XP Antivirus Pro
  • XP AntiSpyware 2010
  • XP Internet Security
  • XP Internet Security 2010
  • Antivirus XP 2010


Screenshot of XP Internet Security 2010 application

List of rogue names used by this rogue variant on Windows Vista:

  • Antivirus Vista 2010
  • Vista Antispyware 2010
  • Vista Guardian
  • Vista Antivirus Pro
  • Vista Internet Security
  • Vista Internet Security 2010


Screenshot of Vista Guardian application

List of rogue names used by this rogue variant on Windows 7:

  • Win7 Guardian
  • Win 7 Antivirus Pro
  • Win 7 Antispyware 2010
  • Win 7 Internet Security
  • Win 7 Internet Security 2010



Screenshot of Win 7 Internet Security application


Screenshots of the other rogue applications here, and the removal instructions for these rogues can be found here

Bharath M N