MyPcSecure
MyPcSecure is the latest cloned rogue security application from WiniGuard rogue Family.
Screenshot of MyPcSecure application
MyPcSecure removal instructions here
Bharath M N
Saturday, January 30, 2010
MyPcSecure
MyPcSecure is the latest cloned rogue security application from WiniGuard rogue Family.
MyPcSecure removal instructions here
Bharath M N
Friday, January 29, 2010
Antivir 2010
Antivir 2010
Thanks to S!Ri for the info
Antivir 2010 is yet another rogue security application. This rogue replaces Antivir rogue security application.
Screenshot of Antivir 2010 rogue security application
Both Antivir 2010 and Antivir are rogue security applications not to be confused with legitimate security application Avira AntiVir Personal. More over Avira AntiVir Personal is a free antivirus solution that can be downloaded from the following link.
Antivir 2010 removal instructions here
Bharath M N
Thursday, January 28, 2010
PcSecureNet
PcSecureNet
PcSecureNet is the latest cloned rogue security application from WiniGuard rogue Family.
Screenshot of PcSecureNet application
PcSecureNet removal instructions here
Bharath M N
Wednesday, January 27, 2010
Live Enterprise Suite
Live Enterprise Suite
Live Enterprise Suite is yet another new rogue security application following the release of Ghost Antivirus. This rogue comes from Internet Antivirus Pro rogue family.
Screenshot of Live Enterprise Suite from Bleepingcomputer.com
Live Enterprise Suite removal instructions here
Bharath M N
Monday, January 25, 2010
PcsSecure
PcsSecure
PcsSecure is the latest cloned rogue security application from WiniGuard rogue Family.
Screenshot of PcsSecure application
PcsSecure removal instructions here
Sunday, January 24, 2010
Desktop Security 2010
Desktop Security 2010
Desktop Security 2010 is a new rogue security application from Unvirex rogue family.
Screenshot of Desktop Security 2010 during the installation
Screenshot of Desktop Security 2010 application
Screenshot's of fake/scare alert messages displayed by the Desktop Security 2010 rogue security application.
Desktop Security 2010 removal instructions here
Bharath M N
Saturday, January 23, 2010
APcSafe
APcSafe
Thanks to Patrick Jordan of SunbeltSoftware for the info.
APcSafe is the latest cloned rogue security application from WiniGuard rogue Family.
Screenshot of APcSafe application
Bharath M N
Friday, January 22, 2010
APcSecure
APcSecure
APcSecure new cloned rogue security application from WiniGuard rogue Family.
APcSecure is the second rogue security application from WiniGuard rogue Family that we have seen today. They also have switched back the GUI to the second generation rogue series they released.
Screenshot of APcSecure application
Bharath M N
Thursday, January 21, 2010
Wednesday, January 20, 2010
Armor Defender
Armor Defender
Armor Defender is yet new cloned rogue security application from WiniGuard rogue Family.
Armor Defender comes up with a new logo. They have started using the GUI which was first used in TRE AntiVirus rogue cmapaign.
Screenshot of Armor Defender application from S!Ri's blog
Armor Defender removal instructions here
Bharath M N
Sunday, January 17, 2010
Antivirus360 Russian rogue powered by adware
Antivirus360 Russian rogue powered by adware
Antivirus360 is the first Russian rogue that I have ever encountered in my 4.5 years of pursuit.
The application uses a fake/scare scanner page to encourage user to download the application
They also make use of fake porn and fake codec pages to push this application. Info here
Screenshot of Antivirus360 Russian rogue application
The group behind this Antivirus360 Russian rogue has mentioned that this application is a shareware and under the TOS also mentions that the user must install another program called RekloPay.
RekloPay is an adware program which displays commercial advertisement in the center of the screen. (it only displayed adult store advertisement in all our testing)
Screenshot of the ads displayed by RekloPay adware
To remove this crap the rules laid out is simple: see 1000 ads displayed by RekloPay adware or pay the full cost by sending 2 SMS fee.
Stay away from this rogue.
Bharath M N
Win Security 360
Win Security 360
Win Security 360 is a new rogue security application.
This rogue uses the 1st generation WiniGuard rogue Family's site template.
They also make use of the existing generic fake/scare scanner page templates.
Win Security 360 homepage
They also make use of the existing generic fake/scare scanner page templates.
Screenshot of Win Security 360 application
Screenshot of Fake Alert displayed by Win Security 360
Sites Involved:
85.17.239.117 Doubleclickredir com
85.17.239.118 Security360update com
85.17.239.119 Winsecurity360 com
85.17.239.121 Theauthorizer com
Stay away from all these sites
Win Security 360 removal instructions here
Bharath M N
Friday, January 15, 2010
DefendAPc
DefendAPc
Thanks to Patrick Jordan of SunbeltSoftware for the valuable info.
DefendAPc is yet new cloned rogue security application from WiniGuard rogue Family.
Screenshot of DefendAPc application
The rogue has dropped installing rootkit and has replaced it with SERH (Search Engine Results Hijacking Click Fraud) component. This component is used for Search Engine Results Hijacking.
Screenshot of the browser hijacked by the SERH component.
Bharath M N
Wednesday, January 13, 2010
Ghost Antivirus
Ghost Antivirus
I have a annoying little Ghost on my system.
Ghost Antivirus is a new rogue security application. This rogue comes from the same group who created Internet Antivirus Pro rogue security product.
The rogue uses a generic Fake/Scare scanner page to push the rogue
Screenshot of Ghost Antivirus home page
Screenshot of Ghost Antivirus application
Fake System Alert displayed by Ghost Antivirus
Screenshot of Ghost Antivirus payment page
Thanks to Sandi Hardmeier for the list of sites.
Sites Involved:
93.190.140.165 Softwareanti com
93.190.140.165 Softwarejar com
93.190.140.165 Softwarerising com
93.190.140.165 Softwaresecure net
93.190.140.165 Softwarespyware net
93.190.140.165 Softwarethe net
93.190.140.165 Softwarethreats com
93.190.140.165 Softwarethreats net
93.190.140.165 Softwarexp net
93.190.140.165 Softwarespam net
93.174.95.194 Ghost-antivirus com
93.174.95.194 Ghost-pay com
93.174.95.194 Ghostantivirus com
93.174.95.194 Ghostpays com
93.174.95.195 Thesecurebill com
93.174.95.196 Thesoftbill com
Stay away from all these sites.
Ghost Antivirus removal instructions here
Bharath M N
Tuesday, January 12, 2010
SysDefenders
SysDefenders
Thanks to Patrick Jordan of SunbeltSoftware for the info.
SysDefenders is yet another rogue security application from WiniGuard rogue Family.
Screenshot of SysDefenders application
SysDefenders removal instructions here
Bharath M N
Saturday, January 9, 2010
Guard Pro
Guard Pro
Guard Pro is the new rogue security application from Virusdoctor rogue family.
Screenshot of Guard Pro application from Bleepingcomputer.com
Guard Pro removal instructions here
Bharath M N
Friday, January 8, 2010
InSysSecure
InSysSecure
Thanks to Patrick Jordan of SunbeltSoftware for the info.
InSysSecure is yet another rogue security application from WiniGuard rogue Family.
Screenshot of InSysSecure application
WiniGuard's rogue mania is cutting loose, they are releasing a new rogue every day.
InSysSecure removal instructions here
Bharath M N
SysProtector
SysProtector
Thanks to Patrick Jordan of SunbeltSoftware for the info.
SysProtector is yet another rogue security application from WiniGuard rogue Family.
Screenshot of SysProtector application
The group behind WiniGuard rogue Family seems to be very busy releasing new clones literally every day.
SysProtector removal instructions here
Thursday, January 7, 2010
APcDefender
APcDefender
Thanks to Patrick Jordan of SunbeltSoftware for the info.
APcDefender is yet another rogue security application from WiniGuard rogue Family.
APcDefender rogue replaced PCprotectar a short lived rogue campaign. APcDefender, PCprotectar and PcsProtector are the three rogues released this week.
Screenshot of APcDefender application
APcDefender removal instructions here
Bharath M N
Wednesday, January 6, 2010
PCprotectar
PCprotectar
Thanks to Patrick Jordan of SunbeltSoftware for the info.
PCprotectar is yet another rogue security application from WiniGuard rogue Family.
Screenshot of PCprotectar application
Bharath M N
Monday, January 4, 2010
PcsProtector
PcsProtector
PcsProtector is the new rogue security application from WiniGuard rogue Family.
Screenshot of PcsProtector application
PcsProtector removal instructions here
Bharath M N
NoMalware
NoMalware
Happy New to everyone!
NoMalware - only good ware! is the new rogue security application. This comes from CoreGuard Antivirus 2009 rogue family.
Splash Screen of NoMalware
Screenshot of NoMalware Homepage
Screenshot of NoMalware application
This application has got quite some press mentioning that this is a free tool. Well when you try a full scan the application popup's a message requesting to activate the application for 9$.
Well the website has a different plans for you and the application is not just 9$.
This rogue also uses MBAM's Signature database like the other members of its family.
Stay away from this application.
Bharath M N
Subscribe to:
Posts (Atom)
