The ultimate resource for malware removal and virus protection
09.04.2013 | Malware Type: Rogue Anti-Spyware
System Care Antivirus does precisely what all the fake security programs out there do, i.e. manipulate people in order to eventually get revenue. This program scans your computer for infections and always – with no exceptions – detects stuff. In this case though, detection is in no way related to the routine that legitimate antiviruses stick to. It simply displays the results that look spooky but have nothing to do with the real state of affairs. This is a scare tactic aiming at ripping the most credulous users off. In addition to the above-mentioned scans running each time you start Windows, System Care Antivirus pops up system tray alerts and other warning messages, just to add some persuasiveness to the whole deal. Another aspect of this rogue AV is about blocking certain processes that might prevent it from staying on your PC unimpeded. That usually applies to authentic security software, so it might be a good idea to boot into Safe Mode (hit F8 key during startup) and try launching your solution against this pest. Yet another trait of this virus is that it leverages tricky obfuscation techniques which make it really complicated to locate the associated files manually. In the end of the day, it’s an absolute must to address the issue of System Care Antivirus playing havoc with your system. This set of instructions should help you combat this little beast.
26.03.2013 | Malware Type: Rogue Anti-Spyware
The scareware propagation business is alive and well, AVASoft Professional Antivirus being an unequivocal evidence of that. Although this rogue product appeared a few days ago, the number of infected users is quite similar to the scopes we saw around 2008 when this industry was close to its peak. This seems pretty interesting – are we entering a new upswing right now? Could be; hopefully not. Anyway, AVASoft Professional Antivirus represents the WinWebSec family which has been known for years. It looks professional indeed, bearing all the outer key attributes of AV software. It seems to feature system scanning, privacy protection, update options, customer support, and pretty comprehensive settings. Now let’s peek a little deeper into this utility’s essence. When it runs scans (and this happens on a regular basis), it detects spyware, adware, backdoors, Trojans, dialers keyloggers, e.g. SVCHOST.Stealth.Keylogger, – even on a clean OS. That’s because the app was programmed to report things that are not there. It thus uses a scare tactic to induce users into going ahead and registering the full version for a certain amount of money. Also, the rogue might prevent some legitimate processes from executing. Yet another trait of this little program has to do with the uninstall, that is, it prevents users from removing it. Due of the latter, it typically takes an automated solution to weed this aggressive thing out. Stick to the recommendations below to get rid of AVASoft Professional Antivirus scam without harm to your system.
21.03.2013 | Malware Type: Rogue Anti-Spyware
Antivirus Security 2013 is one of those applications that look right but act really, really bad. More precisely, this is a rogue security product created by cybercriminals. Its prime objective is to invade one’s computer through the use of Trojans, typically, and then display loads of false positives alerting the user about tons of security problems. Antivirus Security 2013 gets configured to start once a Windows session is initiated; moreover, it begins running with priority, meaning that its executable overruns some other applications from your startup list. Having made all these changes to your system, it triggers a scan which is followed by a fabricated report stating that there are Trojan horses, spyware, worms, adware, tracking cookies, and other nasty things like that detected on your machine. It then calls for action, recommending you buy the license to activate the fully functional version which is claimed to be capable of removing these purported threats. Now, guess what happens if you actually pay the scammers? Basically nothing, because the ‘deleted’ infections were never there to begin with. Since uninstalling Antivirus Security 2013 is not a trivial task, it’s advised to use a genuine AV tool to spot and sweep this fraud away.
26.01.2013 | Malware Type: Rogue Anti-Spyware
Here is how easily you might get in trouble these days: you visit a web page you deem perfectly trusty, click through and see some luring ad or file to be downloaded. What a whole lot of users do next is click on this attractive thing, and voila – you end up observing something really weird upon the next reboot. Something like Security Defender which you can see on the snapshot below. Do you know what kind of app that is? We’ll tell you in this post. This is a utility that will never provide any genuine computer safety reports, for one very simple cause: it isn’t meant to be informative, in the positive sense. Security Defender says you have viruses, but guess what – those aren’t there. It states that it can help you get rid of those infections, but it certainly won’t because, again, they aren’t there. Imitation of benign activity and good intensions is everything this program is about. The symptoms of this infestation are fake scan results and noxious alerts it keeps displaying over and over, e.g. ones about 66 critical system objects detected, about iexplore.exe being struck by Trojan-Clicker.Js.Agent.op or Trojan.JS.Fraud.ba, about the unknown program named Porn-Tool.Win32.StripDance.d allegedly scanning your registry right now, etc. Once (and if) you happen to fall for this nonsense, chances are you do what the bad app tells you to, i.e. register it online by paying for the product license. Now, make sure you never do a thing as thoughtless as that! Security Defender is not there to help secure your workstation. It’s a money harvesting instrument inspired and designed by criminals who simply strive to get hold of a certain amount from your credit card. Hopefully you now understand how you should treat this disgusting piece of scam.
12.07.2012 | Malware Type: Toolbars
There’s evidently a trend (not a good one) out there which consists in people having problems getting rid of things associated with web browsers, such as add-ons, toolbars etc. The aggressive marketing probably presupposes no easy uninstalling, we guess. FunMoods browser extension toolbar is a straightforward example of this phenomenon. You may install it consciously, hoping that it will facilitate your web search activities and add some entertainment into your Internet browsing routine. That’s not quite so though. Whether or not you find this one annoying, it’s not nearly as informative and helpful as it should be. Now, when you get to the point where removing FunMoods toolbar becomes your choice, you start running into odd things. First of all, even after the regular Control Panel removal, which might seem successful at first, the issue tends to persist. On the other hand, the toolbar itself does not appear to have an uninstall option of its own that works. Sounds like a problem. Moreover, one of the ways FunMoods acts is it redirects your searches to advertising networks, thus bringing its creators income through leads or CPA campaigns. Whether you like it or not, the only efficient method of getting FunMoods toolbar off your computer is by using an automated security solution that will find the kernel of the adware’s components, and sweep it all away. Follow the section below to learn how this is doable.
16.05.2012 | Malware Type: Trojan Horses
Trojan.Ursnif is a piece of malicious software which indulges in stealing one’s private information and sending it over to Internet scammers. This fraudware can intrude into your computer during the installation of some applications and games received from the Net, or when you work with media content online i.e. listen to music, play videos etc. If you’ve spotted the slowdown of system performance or the speed of the Internet connection – you’ve probably gotten infected. Such virus establishes permanent connection to a remote server to transmit the sensitive data from the infested PC to a remove server controlled by fraudsters. Furthermore, this trojan may masquerade as just some popular plugins, freeware games or extensions so that it penetrates into browser processes and messes up your regular web activities, steals passwords and logins and modifies your Internet connection settings. All these actions are quite dangerous as by using such scareware, cybercriminals may take your machine under total permanent control. Trojan.Ursnif can also download some additional malware from the worldwide web and contaminate your OS yet more badly. There is a possibility to detect and remove the trojan from the PC, however you’d better not do this manually as this may damage the whole system. There are malware removal utilities that can do the trick for you. You can try one of them – see below for details.
13.05.2012 | Malware Type: Rogue Anti-Spyware
A new threat has recently appeared to the worldwide web. Its name is Windows Be-on-Guard Edition. This malicious software acts and looks just like a legitimate antivirus, though this is indeed a nightmare for a computer user. The fraudware intrudes on the machine via drive-by downloads from Internet pages containing malicious scripts. These could be either special doorway pages with lots of teasing ads and links, or hacked legitimate web resources such as search systems and social networks etc. The problem is that this rogue penetrates into the system and installs without your permission or personal concern. It creates false registry entries to run within the OS and due to this may even block the Task Manager. Furthermore, removing this bug is likely to be a problem as there’s also no uninstall option included into Windows Be-on-Guard Edition distributive: no wonder – the malware authors are not interested in their product being easily removable. So the cleaning process could be only possible using special utilities. One of the main dangers about this scamware is it is in charge of blocking your trustworthy anti-spyware system and creating new fabricated scanners and pseudo filters to produce numerous fake virus alerts and notifications concerning the system’s condition. Such warnings, as well as fabricated scan results are intended to scare the user and prompt him/her to buy the commercial version of this software. This is what it’s all about – stealing your money is the main aim of the cybercriminals who have developed this program. To protect oneself from the danger, one should be cautious about visiting unfamiliar Internet pages and keep the legitimate antivirus constantly turned on and updated. Furthermore, it’s a must to get this one off of your computer system – below is the tutorial to help you with that.