Tuesday, November 30, 2010

How to remove WinHDD


WinHDD is the latest rogue security product in the fake Defragger family. It pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application.

WinHDD graphic interface:




WinHDD pop-up window warning.





How to remove WinHDD:

If WinHDD has infected your PC, you should remove it immediately. Click here to use VIPRE to remove WinHDD from your computer now.

Tuesday, November 16, 2010

How to remove the ScanDisk rogue


ScanDisk is a rogue security product that pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application. It’s a new clone of the Defragger family.

Threat name: ScanDisk-Defragger

ScanDisk warning pop-up window:

  

ScanDisk graphic user interface




How to remove ScanDisk:

If ScanDisk has infected your PC, you should remove it immediately. Click here to use VIPRE to remove ScanDisk from your computer now.

Monday, November 15, 2010

How to remove UltraDefragger rogue


UltraDefragger is a rebranding of the SystemDefragmenter rogue security product from last month. It pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application.

UltraDefragger warning pop-up:

 


UltraDefragger graphic interface:

 

UltraDefragger is a re-branding of the SystemDefragmenter rogue.

Files added:

%USERPROFILE%\Local Settings\Temp\<random_name>.dll
%USERPROFILE%\Local Settings\Temp\<random_numbers>.exe

Directory added:

%USERPROFILE%\Start Menu\Programs\Ultra Defragger
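
The file and directory indicators listed above can be checked against a file listing collected from a suspect machine. The following is an added example, not part of the original post: the function names, the verdict weighting and the sample listing are assumptions made for illustration.

```python
import re
from pathlib import PureWindowsPath

# Indicators from the lists above, relative to %USERPROFILE% (lower-cased).
TEMP_DIR = ("local settings", "temp")
START_MENU_DIR = ("start menu", "programs", "ultra defragger")
NUMERIC_EXE = re.compile(r"\d+\.exe")  # <random_numbers>.exe

def classify(path, profile):
    """Return an indicator label for one path, or None if it does not match."""
    parts = tuple(p.lower() for p in PureWindowsPath(path).parts)
    root = tuple(p.lower() for p in PureWindowsPath(profile).parts)
    if parts[:len(root)] != root:
        return None  # outside this user's profile
    rel = parts[len(root):]
    if rel[:3] == START_MENU_DIR:
        return "start_menu_dir"  # the folder itself or anything inside it
    # Only files placed directly in Temp, as in the listed paths.
    if rel[:2] == TEMP_DIR and len(rel) == 3:
        if NUMERIC_EXE.fullmatch(rel[2]):
            return "numeric_exe_in_temp"
        if rel[2].endswith(".dll"):
            return "dll_in_temp"  # weak: the name is random, so any DLL matches
    return None

def triage(paths, profile):
    """Group matching paths by indicator and return (verdict, hits)."""
    hits = {}
    for path in paths:
        label = classify(path, profile)
        if label:
            hits.setdefault(label, []).append(path)
    # Assumed weighting (not from the post): only the Start Menu folder is strong.
    if "start_menu_dir" in hits:
        verdict = "likely"
    elif "numeric_exe_in_temp" in hits and "dll_in_temp" in hits:
        verdict = "review"
    else:
        verdict = "clean"
    return verdict, hits

# Constructed sample listing (XP-style profile), not taken from a real host.
PROFILE = r"C:\Documents and Settings\alice"
SAMPLE = [
    PROFILE + r"\Local Settings\Temp\48213907.exe",
    PROFILE + r"\Local Settings\Temp\qwkzpd.dll",
    r"C:\DOCUMENTS AND SETTINGS\ALICE\Start Menu\Programs\Ultra Defragger",
    PROFILE + r"\Local Settings\Temp\setup.exe",
    r"C:\Documents and Settings\bob\Local Settings\Temp\1234.exe",
]
```

Calling triage(SAMPLE, PROFILE) returns the verdict together with the matching paths grouped by indicator. Matching is case-insensitive because Windows paths are.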

How to remove UltraDefragger:


If UltraDefragger has infected your PC, you should remove it immediately. Click here to use VIPRE to remove UltraDefragger from your computer now.

How to remove Security Inspector 2010 rogue

Security Inspector 2010 is a rogue security product in the UnVirex family that pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application.

Threat name: SecurityInspector2010

Security Inspector 2010 install screens:

 



Security Inspector 2010 graphic interface:



Files created:

%APPDATA%\Microsoft\Internet Explorer\Quick Launch\Security Inspector 2010.lnk

%APPDATA%\Security Inspector 2010\Security_Inspector_2010.exe

%APPDATA%\Security Inspector 2010\securitycenter.exe

%APPDATA%\Security Inspector 2010\securityhelper.exe

%APPDATA%\Security Inspector 2010\taskmgr.dll


Registry entries:

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Uninstall\Security Inspector 2010

HKEY_CURRENT_USER\Software\Security Inspector 2010

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "Security Inspector 2010"


Family history:


5/26/2009     UnVirex
9/6/2009      ContraViro
12/30/2009    AntivirusPC2009
1/22/2010     DesktopSecurity2010
10/14/2010    AntivirusStudio2010
10/27/2010    AntivirusSolution2010
11/13/2010    SecurityInspector2010

Associated sites

 
How to remove Security Inspector 2010:


If Security Inspector 2010 has infected your PC, you should remove it immediately. Click here to use VIPRE to remove Security Inspector 2010 from your computer now.

Thursday, November 11, 2010

How to Remove Internet Security Suite Rogue

Internet Security Suite is a rogue security product that pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application. It’s the latest rogue of the FakeVimes family. Both the downloader and module are detected as FraudTool.Win32.FakeVimes!VB (v).

This replaces SmartEngine.FakeVimes as the latest member of the FakeVimes family.

Threat Name:
InternetSecuritySuite.FakeVimes

InternetSecuritySuite installer:





InternetSecuritySuite graphic interface.




How to remove Internet Security Suite:

If Internet Security Suite has infected your PC, you should remove it immediately. Click here to use VIPRE to remove Internet Security Suite from your computer now.

Monday, November 8, 2010

SecurityEssentials 2011


SecurityEssentials2011 is a rogue security product that pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing this useless application.

VIPRE detects it as Trojan.Win32.Generic!SB.0

Security Essentials 2011 splash screen



Security Essentials 2011 graphic interface




Security Essentials 2011 payment screen



How to remove SecurityEssentials2011:

If SecurityEssentials2011 has infected your PC, you should remove it immediately. Click here to use VIPRE to remove SecurityEssentials2011 from your computer now.

Friday, November 5, 2010

System Tool 2011


System Tool 2011 is a rogue security product that pretends to find malicious code on a victim’s machine in order to frighten him or her into purchasing a useless application. It’s a clone of the 2008 Security Tool rogue.

System Tool 2011 warning screen.

 


System Tool 2011 graphic interface




System Tool 2011 payment screen.




How to remove System Tool 2011:

Like the old System Security rogue of 2008, this one also includes desktop hijacking. Once an infected computer is rebooted, the victim will no longer be able to run any applications. However, by switching to safe mode the rogue can be deleted.

System Tool 2011 is fully polymorphic and is bundled by third party malware groups.

It creates a randomly named folder in %COMMON_APPDATA%

If System Tool 2011 has infected your PC, you should remove it immediately. Click here to use VIPRE to remove System Tool 2011 from your computer now.