The System Recovery rogue of the FakeSysDef family is a fake analysis application that uses the scareware tactic of claiming hard drive and system errors to scare infected users into purchasing the rogue. The FakeSysDef family of rogue infections includes an MBR (Master Boot Record) rootkit like TDSS, TDL#, or Sinowal designed to generate profits from search …
Aug 28
OpenCloud Antivirus Rogue of the FakeScanti Family
OpenCloud Antivirus is a rogue of the FakeScanti family that uses the scare tactics of fake alerts and of blocking any application that tries to run, to scare the user into purchasing the rogue to clean the fake scan results it shows.
Files and Locations:
%APPDATA%\OpenCloud Antivirus\OpenCloud Antivirus.exe
%APPDATA%\OpenCloud Antivirus\OpenCloud Antivirus.ico
%APPDATA%\OpenCloud Antivirus\sysl32.dll
%APPDATA%\OpenCloud Antivirus\wf.conf
%PROGRAMS%\OpenCloud Antivirus\OpenCloud Antivirus.lnk …
Aug 27
PC Repair rogue of the FakeSysDef Family
The PC Repair rogue of the FakeSysDef family is a fake analysis and optimization application that uses scareware messages about hard drive and system errors to goad the user into purchasing the rogue. This family of rogues is part of an infection that includes an MBR (Master Boot Record) rootkit like TDSS, and one of the …
Aug 20
Home Safety Essentials rogue of the FakeVimes Family
Home Safety Essentials is a rogue of the FakeVimes family which replaces the Anti-Malware Lab clone. The rogue uses the scare tactic of generating fake pop-up alerts to get infected users to purchase the rogue. The FakeVimes rogues also hijack the hosts file and set a proxy in the Internet Options, Connections, Lan …
Aug 14
Security Protection Rogue of the Malware Protection Family
Security Protection is a rogue in the Malware Protection family of rogues; it uses fake alerts and fake scan results as scare tactics to get the user to purchase the rogue.
Files and Locations:
%COMMON_APPDATA%\defender.exe
Registry:
HKEY_CURRENT_USER\TWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN\SECURITY PROTECTION\C:\Documents and SETTINGS\ALL USERS\APPLICATION DATA\Defender.exe /MI
How Do I Remove Security Protection from My PC? …
Aug 13
Sites of the FakeRean Rogue
These are the main sites used by a person or persons whose whois information uses Win32Parit.B in emails, and who constantly use free domain forwarding sites for the PDF exploits and the FakeRean downloaders. Main Sites: directredirection DOT com imeemer DOT cn lastfmer DOT cn nsrecord DOT org picspics DOT cn redspacetube DOT …
Aug 12
How to Remove the FakeRean Rogue
In April 2009 a new rogue appeared, which many infected users were calling by the different names it displayed and which Microsoft began naming FakeRean. Unlike other rogues in 2009, this one was different in that the downloader contained a list of rogue names and then included the OS (Operating System) in the title of the …
Aug 12
Wolfram Antivirus Rogue of the FakeScanti Family
The Wolfram Antivirus rogue of the FakeScanti family is a rogue security program that blocks all applications from running and shows continual fake pop-up alerts designed to scare the infected user into purchasing the rogue.
Files and Locations:
%APPDATA%Wolfram Antivirus\
%APPDATA%Wolfram Antivirus\crss.exe
%APPDATA%Wolfram Antivirus\Wolfram Antivirus.exe
%APPDATA%Wolfram Antivirus\wf.conf
%APPDATA%Wolfram Antivirus\wolfram Antivirus.ico
%APPDATA%Wolfram Antivirus\sysl32.dll
%APPDATA%Microsoft\conhost.exe
%APPDATA%dwm.exe
Registry Entries: …
Aug 08
Rogues of the FakeSysDef Family
Rogues of the FakeSysDef Family (Fake System Defragmenter)
This family of rogues is also known to include MBR rootkit infections.
System Restore 10/10/2011
Data Restore 9/30/2011
System Recovery 9/6/2011
Master Utilities 9/01/2011
PC Repair 8/27/2011
Defragmenter 12/17/2010
DiskOK 1/9/2011
DiskOptimizer 1/15/2011
DiskRecovery 2/4/2011
DiskRepair 12/22/2010
FastDisk 1/12/2011
GoodMemory 1/12/2011
HDDControl 4/12/2011
HDDDiagnostic 12/13/2010
HDDFix 1/4/2011 …
Aug 06
Rogues of the FakeXPA (XPAntivirus) Family
Rogues of the FakeXPA (XPAntivirus)
Fake bitDefender 4/21/2011
Fake E-Set Antivirus 3/16/2011
Fake AVG Antivirus 1/28/2011
Antivirus8 9/21/2010
AntivirusGT 7/13/2010
Antivirus7 3/12/2010
Antivir.XPA 1/30/2010
Personal Security 12/1/2009
Cyber Security 10/7/2009
AlphaAV 9/29/2009
Antivirus 360 12/11/2008
Antivirus 2009 7/3/2008
XP Antivirus 10/10/2007
The rogues of the FakeXPA (XPAntivirus) family can be removed with manual methods, however, …