Aug 20
Home Safety Essentials is a rogue of the FakeVimes Family which replaces the Anti-Malware Lab clone. The rogue uses the scare tactics of generating pop up fake alerts to get the users infected to purchase the rogue. The FakeVimes rogues also hijacks the hosts file and sets a proxy in the Internet Options, Connections, Lan …
Aug 14
Security Protection is a rogue that is part of the Malware Protection family of rogues that uses fake alert and fake scan results as scare tactics to get the user to purchase the rogue. Files and Locations: %COMMON_APPDATA%\defender.exe Registry: HKEY_CURRENT_USER\TWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\SECURITY PROTECTION\C:\Documents and SETTINGS\ALL USERS\APPLICATION DATA\Defender.exe /MI How Do I Remove Security Protection from My PC? …
Aug 12
On April 2009 a new rogue appeared which many infected where calling the rogues shown as different names and which Micorosft began naming as FakeRean. The rogue unlike others in 2009 was different in that the downloader contained a list of rogue names and which then included the OS (Operating System) in the title of the …
Aug 12
Wolfram Antivirus Rogue of the FakeScanti Family is a rogue security program that blocks the running of all applications and continual pop up fake alerts designed to scare the infected user into purchasing the rogue. Files and Locations: %APPDATA%Wolfram Antivirus\ %APPDATA%Wolfram Antivirus\crss.exe %APPDATA%Wolfram Antivirus\Wolfram Antivirus.exe %APPDATA%Wolfram Antivirus\wf.conf %APPDATA%Wolfram Antivirus\wolfram Antivirus.ico %APPDATA%Wolfram Antivirus\sysl32.dll %APPDATA%Microsoft\conhost.exe %APPDATA%dwm.exe Registry Entries: …
Jul 16
Personal Shield Pro rogue of the WinWeb Security Family replaced the MS Removal Tool clone on 16 July 2011 that uses Scareware Marketing to get the infected users to purchase the fake security application. Files and Locations: %COMMON_APPDATA%\<random named>.exe The Personal Shield Pro rogue can be removed with manually, however, becasue of blocking apps and …
Jul 09
Windows Armature Master is a rogue security software product from the Privacy Center family that claims to keep your system free of malware by scaring the end-user into purchasing “protection” through fake infection warnings. How do I Remove Windows Armature Master From My PC? There are ways of removing this manually, but we recommend using …
Jul 09
Windows Accurate Protector is a rogue security software product from the Privacy Center family that claims to keep your system free of malware by scaring the end-user into purchasing “protection” through fake infection warnings. How Do I Remove Windows Accurate Protector from My PC? There are ways of removing this manually, but we recommend using …
Jul 08
Windows Test Master is a rogue security software product from the Privacy Center family that claims to keep your system free of malware by scaring the end-user into purchasing “protection” through fake infection warnings. How do I Remove Windows Test Master From My PC? There are ways of removing this manually, but we recommend using …
Jul 08
Windows Fix is a rogue antivirus software from the FakeSysDef (Fake System Defragmenter) family that is spotted in the wild. It displays fake detections to get users to purchase this software to purportedly remove nonexistent infection. This clone is noted to name itself using the following format: {OS version} Fix. For example, if the infected …
Jul 07
Anti-Malware Lab is an upgraded version of PCSecurityGuardian.FakeVimes, a FakeVimes family variant. It claims to keep your system free of malware by scaring the end-user into purchasing “protection” through fake infection warnings. Below is a list of blogs related to FakeVimes that you can read on the GFI Labs Blog: Holiday rogues available in searches …
