It also modifies (DesktopHijack) the desktop background:
If your PC is infected with Antivirus 2010 Security Center use MBAM to remove the infection.
Showing posts with label DesktopHijack. Show all posts
Showing posts with label DesktopHijack. Show all posts
Friday, September 17, 2010
Antivirus 2010 Security Center
Antivirus 2010 Security Center is a fake Antivirus tool. It displays fake alert and notifications to push users into buying a license.
It also modifies (DesktopHijack) the desktop background:
If your PC is infected with Antivirus 2010 Security Center use MBAM to remove the infection.
It also modifies (DesktopHijack) the desktop background:
If your PC is infected with Antivirus 2010 Security Center use MBAM to remove the infection.
Thursday, July 30, 2009
Windows Antivirus Pro
Windows Antivirus Pro is a Fake Security Software (Rogue). It displays fake alerts and modify desktop background. It also prevent execution of binaries to scare users.
The new Desktop background is a transparent picture with a "Danger!!! Your computer is INFECTED!" message. It is superposed on the original background
The new Desktop background is a transparent picture with a "Danger!!! Your computer is INFECTED!" message. It is superposed on the original background
Friday, July 3, 2009
Desktop Hijack
System Security 2009, a known rogue, is hijacking Desktop Background. It also displays fake message about trojan infections to scare users.
Previous Post here.
Previous Post here.
Tuesday, May 12, 2009
Desktop Hijack
New malware has been found, it hijacks Desktop Background and promotes System Security 2009 Rogue with fake alerts.
It also pops up pr0n pages and display a fake BSOD:
Thanks to Malekal_Morte
It also pops up pr0n pages and display a fake BSOD:
Thanks to Malekal_Morte
Thursday, April 23, 2009
Advanced Spyware Detector
Advanced Spyware Detector is a new rogue. It is also know under Advanced Spyware Detect or Advansed Spyware Detector (typo error in the binary tab version and registry keys).
This fake security software detects false positives to justify an infection and scare users.
It replace the desktop background with a fake security message.
This fake security software detects false positives to justify an infection and scare users.
It replace the desktop background with a fake security message.
Thursday, April 9, 2009
Desktop Hijack
This kind of Desktop Hijack is used to scare users. The evil code installs restrictions to prevent infected users to restore the original background picture.
The message in the taskbar is from the malware and leads to Antivirus XP Pro 2009 fake security software (rogue) website.
One of the Hijack symptom is the presence of this start key:
O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe
The message in the taskbar is from the malware and leads to Antivirus XP Pro 2009 fake security software (rogue) website.
One of the Hijack symptom is the presence of this start key:
O4 - HKLM\..\Run: [Framework Windows] frmwrk32.exe
Wednesday, March 4, 2009
WinCoDecPRO Fake Codec
WinCoDecPRO is a Rogue like fake software.
While Rogues detect fake infections on a clean system and display alerts message, WinCoDecPRO displays fake codec error, redirecting infected user to WinCoDecPRO web site.
When Trying to run Windows Media Player, the malware closes it and displays a messagebox, choosing the text in a hardcoded list:
It also display regularly popups alerts:
The modified wallpaper:
While Rogues detect fake infections on a clean system and display alerts message, WinCoDecPRO displays fake codec error, redirecting infected user to WinCoDecPRO web site.
When Trying to run Windows Media Player, the malware closes it and displays a messagebox, choosing the text in a hardcoded list:
It also display regularly popups alerts:
The modified wallpaper:
Wednesday, October 8, 2008
Antivirus 2010
eAntivirusPro is a fake security software (rogue) from the same family as: eAntivirusPro, AntiMalware 2009, Micro Antivirus 2009, Vista Antivirus 2008, Antispyware 2008 XP, System Antivirus 2008, Internet Antivirus, Smart Antivirus 2009, MS Antivirus, Advanced Antivirus, Power Antivirus, XPert Antivirus.
A component of the rogue displays an image of a BSOD followed by a Windows XP reboot animation.
SmitfraudFix removes the infection.
A component of the rogue displays an image of a BSOD followed by a Windows XP reboot animation.
SmitfraudFix removes the infection.
Friday, September 5, 2008
Smart Antivirus 2009
Smart Antivirus 2009 is a rogue from the same family as Vista Antivirus 2008, Antispyware 2008 XP, System Antivirus 2008, Internet Antivirus family...
These fake security softwares detect infections on a clean system.
It is also trying to modify the desktop background. A fake dll file is dropped in the %TEMP% folder which is a JPG file:
SmitfraudFix removes the malware.
Thanks to Bharath M N.
These fake security softwares detect infections on a clean system.
It is also trying to modify the desktop background. A fake dll file is dropped in the %TEMP% folder which is a JPG file:
SmitfraudFix removes the malware.
Thanks to Bharath M N.
Sunday, August 17, 2008
Desktop Hijack
Fake Vista Window picture installed as wallpaper with various Rogues (Antivirus XP 2008, XP Security Center, ...).
Tuesday, May 27, 2008
VideoAccessCodec (VAC), Virus Alert!
The new version of Video Access Codec infection installs some policies that prevent Command Line execution.
It also displays a message: Virus Alert! in the Windows Clock, removes some Start Menu icons, and hides drives icons.
Use SmitfraudFix to remove the infection.
It also displays a message: Virus Alert! in the Windows Clock, removes some Start Menu icons, and hides drives icons.
Use SmitfraudFix to remove the infection.
Friday, February 22, 2008
Topantispyware
This infection changes the background, prevents user from changing it, displaying Process Manager, Typing URL in IE. It also displays many fakes alert and popup messages.
Monday, February 4, 2008
Saturday, October 6, 2007
Tuesday, May 22, 2007
Privacy Danger Desktop Hijack
Privacy Danger is a componant of NewMediaCodec/VideoAccessCodec (VideoCach), a fake codec that displays alerts, Rogue popups, installs a BHO...
Desktop background modified:
Desktop background modified:
Monday, January 9, 2006
Subscribe to:
Posts (Atom)
