MyPcSecure (My Pc Secure) is a fake security software (rogue) from the Winisoft family (PcSecureNet, PcsSecure, APcSafe, APcSecure, DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft)
MyPcSecure comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
Friday, January 29, 2010
Thursday, January 28, 2010
Antivir 2010
Antivir 2010 is a new fake security application.
Antivir 2010 takes its name from the real Antivir Antivirus by Avira. Antivir 2010 detects fake infections on a clean system to scare users. It also installs a BHO to display error messages in Internet Explorer.
If your PC is infected with Antivir 2010 use MBAM to remove the infection.
Antivir 2010 takes its name from the real Antivir Antivirus by Avira. Antivir 2010 detects fake infections on a clean system to scare users. It also installs a BHO to display error messages in Internet Explorer.
If your PC is infected with Antivir 2010 use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots
Wednesday, January 27, 2010
Win 7 Antispyware 2010
Win 7 Antispyware 2010 is the new Braviax family rogue (Antivirus Pro 2010, PC Antispyware 2010, Home Antivirus 2010, PC Security 2009, Home Antivirus 2009).
Win 7 Antispyware 2010 detects fake infections on a clean system to scare users. It is also changing it's name (self renaming):
Win 7 Antispyware 2010
Win 7 Internet Security 2010
On Windows XP, the rogue has a different GUI.
Antivirus XP 2010
XP Guardian
XP Internet Security
On Windows Vista, it has a Vista based name.
Vista Antivirus Pro 2010
Vista Internet Security 2010
The rogue register itself to be run with .exe binaries. It looks at the processes in memory and stops legit security tools.
If your PC is infected with some of the Braviax family rogue, use MBAM to remove the infection.
Win 7 Antispyware 2010 detects fake infections on a clean system to scare users. It is also changing it's name (self renaming):
Win 7 Antispyware 2010
Win 7 Internet Security 2010
On Windows XP, the rogue has a different GUI.
Antivirus XP 2010
XP Guardian
XP Internet Security
On Windows Vista, it has a Vista based name.
Vista Antivirus Pro 2010
Vista Internet Security 2010
The rogue register itself to be run with .exe binaries. It looks at the processes in memory and stops legit security tools.
If your PC is infected with some of the Braviax family rogue, use MBAM to remove the infection.
Libellés :
Braviax,
Rogues,
ScreenShots
PcSecureNet
PcSecureNet is a fake security software (rogue) from the Winisoft family (PcsSecure, APcSafe, APcSecure, DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft)
PcSecureNet comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
PcSecureNet comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots,
WiniSoft
Live Entreprise Suite
Live Entreprise Suite is a fake security application. Replaces Internet Antivirus Pro.
Live Entreprise Suite detects fake infections on a clean system to scare users. Installed from fake online security scanners, it comes with TDSS RK.
If your PC is infected with Live Entreprise Suite, follow the BleepingComputer removal guide.
Live Entreprise Suite detects fake infections on a clean system to scare users. Installed from fake online security scanners, it comes with TDSS RK.
If your PC is infected with Live Entreprise Suite, follow the BleepingComputer removal guide.
Libellés :
Anti200X,
Rogues,
ScreenShots
Spy Doc Pro
SpyDocPro is a fake security software. It is edited by the same editor who release PC Doc Pro.
pcdocpro.com (72.52.146.60)
spydocpro.com (72.52.146.60)
spyresearchcenter.com (72.52.146.60)
pcdocpro.com (72.52.146.60)
spydocpro.com (72.52.146.60)
spyresearchcenter.com (72.52.146.60)
Libellés :
Rogues,
ScreenShots
Registry Elite
Registry Elite is a fake registry cleaner. It detects Fake registry problems, file association errors and other symptoms on a brand new system (383 errors on this capture test (Windowns XP SP3 installed few minutes ago).
registryelite.com (67.227.208.84)
tweaklogic.com (67.227.208.84)
Registry Elite is a clone of PC Doc Pro
registryelite.com (67.227.208.84)
tweaklogic.com (67.227.208.84)
Registry Elite is a clone of PC Doc Pro
Libellés :
Registry Cleaners,
Rogues,
ScreenShots
PC Doc Pro
PC Doc Pro is a fake registry cleaner. It detects Fake registry problems, file association errors and other symptoms on a brand new system (192 errors on this capture test (Windowns XP SP3 installed few minutes ago).
pcdocpro.com (72.52.146.60)
spydocpro.com (72.52.146.60)
spyresearchcenter.com (72.52.146.60)
PC Doc Pro is a clone of Registry Elite
pcdocpro.com (72.52.146.60)
spydocpro.com (72.52.146.60)
spyresearchcenter.com (72.52.146.60)
PC Doc Pro is a clone of Registry Elite
Libellés :
Registry Cleaners,
Rogues,
ScreenShots
Monday, January 25, 2010
PcsSecure
PcsSecure is a fake security software (rogue) from the Winisoft family (APcSafe, APcSecure, DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft)
PcsSecure comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
PcsSecure comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots,
WiniSoft
SpyEraser
SpyEraser is a fake security software. It detects non existent infections to scare users pushing them to buy a license.
spyeraser-security.com (193.104.110.81)
spyeraser.ir (193.104.110.81)
spyeraser-software.ru (193.104.110.81)
spyeraser-trial.com (193.104.110.81)
spyeraserstore.com (193.104.110.81)
vipimagine.cn (193.104.110.81)
spyeraser-security.com (193.104.110.81)
spyeraser.ir (193.104.110.81)
spyeraser-software.ru (193.104.110.81)
spyeraser-trial.com (193.104.110.81)
spyeraserstore.com (193.104.110.81)
vipimagine.cn (193.104.110.81)
Libellés :
Rogues,
ScreenShots
Saturday, January 23, 2010
APcSafe
APcSafe (A Pc Safe) is a fake security software (rogue) from the Winisoft family (APcSecure, DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft)
APcSafe comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
APcSafe comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots,
WiniSoft
Friday, January 22, 2010
Desktop Security 2010
Desktop Security 2010 is a fake security software (rogue). It is from the same family as: Total PC Defender 2010, Desktop Defender 2010, Contraviro, UnVirex.
Desktop Security 2010 displays a lot of disturbing warning messages pushing users to purchase a license.
If your PC is infected with Desktop Security 2010 rogue, use MBAM to remove the infection.
Desktop Security 2010 displays a lot of disturbing warning messages pushing users to purchase a license.
If your PC is infected with Desktop Security 2010 rogue, use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots,
Zaxar
Total PC Defender 2010
Total PC Defender 2010 is a fake security software (rogue). It replaces Desktop Defender 2010. (Contraviro and UnVirex family).
Total PC Defender 2010 displays a lot of disturbing warning messages to scare users inviting them to purchase a license.
If your PC is infected with Total PC Defender 2010 rogue, use MBAM to remove the infection.
Total PC Defender 2010 displays a lot of disturbing warning messages to scare users inviting them to purchase a license.
If your PC is infected with Total PC Defender 2010 rogue, use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots,
Zaxar
APcSecure
APcSecure (A Pc Secure) is a fake serurity software (rogue) from the Winisoft family (DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft)
APcSecure comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
APcSecure comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots,
WiniSoft
Thursday, January 21, 2010
Protect Soldier
Protect Soldier is a fake security software (rogue) from the Winisoft family (Protect Defender, Armor Defender, DefendAPc, REAnti, ...)
Protect Soldier comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with Protect Defender, use MBAM to remove the infection.
Protect Soldier comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with Protect Defender, use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots,
WiniSoft
LSP Hijack
Internet Security 2010 is a recent rogue that prevent softwares and media players execution.
The trojan-downloader installing the rogue is also registering a LSP Hijack that blocks some sites, displaying an error message in the brower:
Hijackthis symptoms:
Sites blocked by this Malware are:
Do not delete the LSP File without unregistering it, you will break the Internet connection !
If your PC is infected with Internet Security 2010, use MBAM to remove the infection.
The trojan-downloader installing the rogue is also registering a LSP Hijack that blocks some sites, displaying an error message in the brower:
Restricted Site!
This web site is restricted based on your security preferences.
Your system is infected. Please activate your antivirus software.
Hijackthis symptoms:
O10 - Unknown file in Winsock LSP: c:\windows\system32\helper32.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\helper32.dll
Sites blocked by this Malware are:
facebook.com
youtube.com
myspace.com
live.com
craigslist.org
wikipedia.org
ebay.com
blogger.com
amazon.com
twitter.com
go.com
bing.com
flickr.com
wordpress.com
photobucket.com
weather.com
nytimes.com
linkedin.com
pornhub.com
mapquest.com
foxnews.com
hulu.com
livejasmin.com
youporn.com
digg.com
adultfriendfinder.com
mywebsearch.com
rapidshare.com
redtube.com
ask.com
tube8.com
imageshack.us
livejournal.com
thepiratebay.org
xvideos.com
godaddy.com
mozilla.com
washingtonpost.com
monster.com
bbc.co.uk
bebo.com
guardian.co.uk
Do not delete the LSP File without unregistering it, you will break the Internet connection !
If your PC is infected with Internet Security 2010, use MBAM to remove the infection.
Libellés :
Rogues
Wednesday, January 20, 2010
Protect Defender
Protect Defender is a fake security software (rogue) from the Winisoft family (Armor Defender, DefendAPc, REAnti, ...)
Protect Defender comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with Protect Defender, use MBAM to remove the infection.
Protect Defender comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with Protect Defender, use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots,
WiniSoft
Tuesday, January 19, 2010
Armor Defender
Armor Defender is a fake security software (rogue) from the Winisoft family (DefendAPc, SysDefenders, InSysSecure, SysProtector, APcDefender, PcsProtector, GreatDefender, APCprotect, ProtectPcs, SysDefence, TheDefend, GuardPcs, IGuardPc, SiteAdware, AntiTroy, AntiKeep, AntiAdd, RESpyWare, REAnti, KeepCop, SiteVillain, LinkSafeness, SecureKeeper, AntiAID, System Warrior, System Veteran, System Fighter, Block Protector, Block Keeper, Block Scanner, Block Watcher, SoftBarrier, Shield Safeness, Soft Stronghold, Soft Veteran, SoftCop, Soft Soldier, Trust Fighter, Trust Soldier, Safe Fighter, Trust Cop, Secure Warrior, Secure Fighter, Secure Veteran, Security Soldier, Security Fighter, Save Armor, Save Defender, Trust Warrior, Soft Safeness, Safety Keeper, Save Keeper, Quick Heal Cleaner, System Cop, Block Defense, Save Defense, Trust Ninja, Save Soldier, Save Keep, Winishield, Wini Fighter, WiniBlueSoft)
It use the same GUI used once in the TRE Antivirus rogue:
Armor Defender comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
Thanks to remixed.
It use the same GUI used once in the TRE Antivirus rogue:
Armor Defender comes from fake online antivirus scanners or fake video codecs, creates random files on the system and detects them as infected. It also display a lot of disturbing warning messages to scare users.
If your PC is infected with some of the WiniSoft family rogue, use MBAM to remove the infection.
Thanks to remixed.
Libellés :
Rogues,
ScreenShots,
WiniSoft
Monday, January 18, 2010
Control Center
Control Center aka Ctrl Center is a fake security application. This rogue displays fake warning messages pushing users to buy a license. It replaces Privacy Center.
Once registered, Control Center proposes to download (or update) a list of softwares. There is various categories: Antivirus, Firewall, P2P, Compression, System utilities (...)
By selecting some of them, no one has ever start downloading. There is also some bugs: some categories display non related tools.
If your PC is infected with Control Center use MBAM to remove the infection.
Once registered, Control Center proposes to download (or update) a list of softwares. There is various categories: Antivirus, Firewall, P2P, Compression, System utilities (...)
By selecting some of them, no one has ever start downloading. There is also some bugs: some categories display non related tools.
If your PC is infected with Control Center use MBAM to remove the infection.
Libellés :
Rogues,
ScreenShots,
Tritax
Sunday, January 17, 2010
Personal Security
Personal Security is a fake security application. This rogue detects fake infections, trying to push users to buy a license for disinfection.
Like Alpha Antivirus, Personal Security uses an Anti Virtual Machine protection (same code) to prevent execution on a Virtual System (video).
If your PC is infected with Personal Security use MBAM to remove the infection.
Like Alpha Antivirus, Personal Security uses an Anti Virtual Machine protection (same code) to prevent execution on a Virtual System (video).
If your PC is infected with Personal Security use MBAM to remove the infection.
Libellés :
Anti200X,
Rogues,
ScreenShots
Ghost Antivirus
Ghost Antivirus is a fake security application. It detects fake infections on a clean system to scare users.
If your PC is infected with Ghost Antivirus, follow the BleepingComputer removal guide.
If your PC is infected with Ghost Antivirus, follow the BleepingComputer removal guide.
Libellés :
Rogues,
ScreenShots
Subscribe to:
Posts (Atom)