The ultimate resource for malware removal and virus protection
23.01.2012 | Malware Type: Rogue Anti-Spyware
Smart Protection 2012 does not offer a fix for anything. On the contrary, it’s a fix for this fake antivirus program that you need, and the sooner the better. The application under analysis plenty of traits in common with Security Sphere 2012 scareware for experts to affiliate them with each other, which means they belong to the same group and were probably made by the same people. Users have been reporting issues with Smart Protection 2012 badware for a few days now, and although the propagation does not appear too fast and intense – still this is apparently a threat to learn about. Normally you catch this malady from a download you make online. There may be some externally attractive file or update on some site, and once you click it a trojan horse hops into your computer system, bypassing the basic defensive facilities. That being done, it takes the malware to transform from something insignificant and amorphous into a tangible problem within minutes. The next time you start Windows, you will see a scan by this app that will come up with some terrifying results. Smart Protection 2012 tells you that dangerous infections were found during the scan and recommends that you do a full system cleanup using its commercial copy. You have probably figured this will require a necessary purchase transaction on your end. So it all comes back to fraudulent money earning. However, when you try to uninstall this illicit utility you will be surprised to see it’s nowhere to be found on Add/Remove Programs interface, nor does it have an uninstall option of its own. Moreover, when you try to run a real AV tool the virus may keep closing it. So what we advise is you should boot into Safe Mode by hitting F8 many times during restart and then stick to the tips outlined below for complete extermination of this junk.
22.01.2012 | Malware Type: Rogue Anti-Spyware
Internet Security 2012, a clone of Privacy Protection, is a fake anti-malware utility that entices unsuspecting users to hand over their credit card data and buy the product. Unfortunately the program has plenty of trickeries in store to persuade people that it can really do something in terms of virus detection and removal. It is typically delivered by a trojan whose default stealth makes it really hard for the firewall and even some antivirus clients to intercept it. Then, the scareware changes Windows registry and adds some new files on the system, which inevitably leads to significant distortion of the PC’s work. Internet Security 2012 begins showing up after every computer reboot in the shape of a security scan accompanied by popup alerts. Both the scanners and the ads are falsified and report things that do not actually reside on the targeted machine. It’s too bad a certain ratio of victims end up falling for this alarming information about the system being infected and follow the tips prompted by the rogue. What the inspirers and creators of Internet Security 2012 expect you to do is purchase the license for their product. But if you happen to count on this tool for cleaning up the malware mess allegedly taking over your PC, you are making a regrettable thing. The mistake is you will in no way benefit from this payment because the only thing that may get corrected is some non-existent viruses will kind of vanish, even though they hadn’t been there at all. So this vicious circle can be exited in but one way – you need to uninstall this scam application for good, and it’s preferable to leave this to a professional program that actually works.
21.01.2012 | Malware Type: Browser Hijackers
By just taking a look at Hooot.com website, it becomes pretty obvious that its informational value is close to zero. In that case, how come people are visiting the page after clicking search engine results? It’s simple to explain: Hooot.com is one of those browser hijackers whose existence is tightly related with the redirect virus affecting users’ navigation throughout the major search systems. If your web browser has been repeatedly sending you to the domain in question, it’s mostly likely that deep down your computer system there is a rootkit or trojan infection doing this. What is more, it usually takes an antivirus utility to find, isolate and delete this bug completely. Wondering why it’s Hooot.com you keep visiting? That’s because, as you can see from the screenshot, it contains ads which are an online type of commercials. The more people click on them, the more money the fraudsters earn from this campaign. Since it’s really annoying to be forced to visit the same page over and over instead of actually going to relevant sites, you should do your best to cope with this cyber prankster. It’s pretty tough and sad to be deprived of the ability to surf the Internet and find what you need. So review the removal details below and use the info to eradicate the rootkit and thus resolve the spontaneous redirect problem you ran into.
16.01.2012 | Malware Type: Browser Hijackers
Having encountered MyStart.Incredibar.com redirect virus, the first thing you should do is urgently find a fix and implement it. It would be great if you took a look at the screenshot of this hijacker’s main page – does it look familiar to you? We bet it does because it borrowed a lot from Google’s interface, adding some additional features of its own (ads mostly). One of the things making MyStart Incredibar infection different from most of the current search engine redirectors is the fact it installs a toolbar of its own, thus changing some of your default browser settings and the Internet configuration. So you end up someday realizing that your home page has been changed to this particular URL, although you never really did anything for that to happen. Moreover, this bug hits your web searching via Google, Yahoo!, Bing, MSN and other renowned and popular systems of this kind. So you are highly likely to start getting redirected to MyStart Incredibar page when you try to look something up on one of the engines listed above. Obviously, that is all a big problem that needs tackling somehow. So what do you do to get this nasty little hijacker off your computer system? We recommend a remedy that proved to work with this sort of malware. Just install the security solution below and launch a scan. It’ll detect all the traces of this adware inside your Operating System and delete them all upon your request. You can alternatively try the manual way but that’s more of a lottery because some cyber threats can create backup copies of its critical files on a PC so that they can get back to life after manual manipulations by the user. Anyway, you should definitely address this issue as soon as possible, so make this pest go away now.
09.01.2012 | Malware Type: Fake Security Programs
The rogue pc performance optimizer called System Check has been causing computer users a great deal of trouble during the last week or so – since it went live. This invention of the international cyber criminals is both misleading and potentially dangerous for the machine it gets into. As far as the functional scheme is concerned, System Check is in no way original as compared to some of its forerunners such as System Fix, Data Restore and many others. As you can easily discern from our previous posts, even the looks of their GUIs are pretty much the same but for the app’s name of course. If you are surfing the Internet a lot, chances are you fall victim to this scam after clicking something you deemed safe and even useful, without being aware of the downloader trojan embedded into those links or files. Once the trojan jumps over to your computer, it’s all going to take place in no time. This piece of malware creates the preliminary malicious environment for System Check’s trialware to start acting. Those are bad files, devastating Registry keys and unwanted browser add-ons. Such radical modifications will lead to the following symptoms of the virus’ activity: it’s going to keep popping up in the shape of fake scanners, deceitful alert messages etc. All of them are definitely going to tell you that your PC is working at its full capacity and that the system is encountering critical errors with the HDD, RAM memory, data readability and so on. Then, to help you fix these, System Check states you need to get down to repairing measures immediately. However, if you decide to indulge in this you’ll realize that it won’t do without your making a payment for registering this chameleon program. In other words, you are being tricked into purchasing an application you don’t need and which can cause further damage to your OS. To avoid all of this, you need to get rid of System Check scareware without delay.
31.12.2011 | Malware Type: Rogue Anti-Spyware
Detection and elimination of Super AV scareware program is a matter of pretty high importance. We’re not sure whether it makes sense naming all the side effects of this rogue’s stay on your computer, but we will. Super AV is definitely not real security software and won’t actually do any of the things it declares. First off, it detects the threats that are imaginary, i.e. those whose presence on your PC is not just doubtful – it’s a proven fact they aren’t there. The thing is, by reporting such items the program simply tries to entice you to buy it. It’s perfectly clear that purchasing fake software means you lose money and receive nothing in return. However, the activity of Super AV goes beyond simply tricking PC users. It may cause direct damage to the host Operating System by distorting Windows registry and interfering with the way the system is functioning in the worst way. You may encounter some problems launching normal applications because the rogueware will typically try to block them. Also, the web browser is likely to get hijacked to repeatedly take you to phishing sites, bogus search engines or some pages where you are requested to pay for the licensed copy of this tool. All in all, Super AV is certainly not one of those utilities that are worth your trust and the time spent. So make a move and counterattack this fraudulent app posing as an antivirus.
26.12.2011 | Malware Type: Rogue Anti-Spyware
It’s never a trifle to deal with Home Security Solutions fake antivirus. This malware is hard to prevent from attacking your PC, difficult to control when it’s on the machine and really complicated to uninstall once you realize what it is in fact. However, if not all of these obstacles are 100 percent are possible to handle, the former (i.e. removal) is something we can guide you through. So let’s move on. Home Security Solutions is scam software that was born to the workshop of bad cyber smiths. That’s figurative of course but definitely depictive of the nature of this fraudulent app. During compilation process, the hackers have obviously hard-coded some features that would actually make their brainchild a rogue. Those are Task Manager opening inability, legitimate antivirus software’s activity prevention and of course the off-schedule system scanning. With regards to this alleged computer virus monitoring, the scanners by Home Security Solutions simply imitate this, reporting many nasty infections. Having told multiple times that your workstation is infested with dangerous harmful entities, this utility then insists that you must urgently make certain steps to pretty much rescue your cyber life. It advises you to push the activation link on its interface, which will take you to a screen where you can subscribe for this ‘service’ for $50 (6 months) – $90 (lifetime guard). So, would you be happy to get yourself a lifetime protection against viruses that will never work? If so, go for it at your own risk and discretion. If not (which we hope is the case), see below for details.
23.12.2011 | Malware Type: Browser Hijackers
Mediashifting.com is an incredibly noxious piece of adware that provokes undesired consequences for any computer it lands on to. There has been much talk about the search engine redirect virus lately which affects numerous users who tend to surf the Internet a lot. This infection makes your browser act up in several ways. First of all, the homepage that you set as default may be substituted by a completely different URL without any action on your end. That’s quite impudent, isn’t it? Moreover, another aspect of this malware issue is about mapping the links in legitimate search systems’ results to phony ones. In either case, Mediashifting.com is going to show up instead of the right sites that you expect to hit. All of this is an outcome of illicit practices implemented by a trojan horse that must have penetrated your PC. This nasty little prankster has been ‘trained’ to change the settings that determine one’s mode of web browsing. The reason why this awful routine may have touched upon your private cyber life is money. Actually, it’s always about money when it comes to cyber crime, this instance not being an exception at all. The more people visit Mediashifting.com, the more cash the hackers may earn. This is one of the main trends of today’s Internet which consists in traffic conversion routine. Unfortunately, the criminals chose to apply bad methods for achieving that milestone. Therefore, if you are having a PC problem that has to do with random redirects to Mediashifting.com, you should immediately follow the procedure outlined below.
14.12.2011 | Malware Type: Rogue Anti-Spyware
Security Monitor 2012 goes beyond the comprehension and notion of security software – because it’s a fake. The rogue antivirus industry seems to be gradually coming back to life after a number of police raids last summer. In May this year, we wrote about the program called Security Solution 2011. The reason why we mentioned this fact is for you to be able to compare the Graphical User Interfaces of these two utilities. Notice some similarity? Of course you do – moreover, they look almost the same, which testifies to their common origin. Security Monitor 2012 squeezes through your firewall and other guarding facilities in a way which in most cases excludes the possibility of detection. That’s why it’s usually a big surprise for users to see a program they don’t remember to have ever installed. When on board your computer, this badware starts scaring you with a bunch of instruments it has in store: those are some phony virus scanners and popup warning notifications. You may concurrently experience some application launching difficulties that keep you from running virus defense software. So, why is Security Monitor 2012 on your PC and what does it want from you? It doesn’t take a scientist to answer that one: this scareware is after money. It gradually gets you to the point where you realize you got malware issues and must do something about it. If this fraudulent goal is a success, you may get scammed out of a fee that equals the cost of the license for this product. It’s obvious what a bad idea it is to buy Security Monitor 2012, so you should not make such a serious mistake. Remember – if this particular application were not on your computer, you would have none of those problems because all the infections it claims to have spotted on your machine are not there, being just a part of the tactic.
14.12.2011 | Malware Type: Ransomware
The creativity of the present-day hacktivists gets pretty astounding once in a while. They have been apparently shifting their endeavour lately to things like desktop locking. Along with the furious rounds of the fake Metropolitan Police alert, there comes a new version of it. This latest one is designed to look like it hails from Strathclyde Police Service. It says your IP address has been spotted to indulge in illegal online activity such as viewing child pornographic materials and scenes of violence. Generally, this species of the infection is called the Strathclyde Police Ukash virus. Ukash – because the criminals want to get you using this payment processing system to pay the ‘ransom’ or, legally speaking, the ‘fine’ for unblocking your system. Here is a fragment of text from this counterfeit message: “From this IP address it was visited sites containing banned scenes of violence against people, as well as viewing banned in the United Kingdom child pornographic materials”. Then, at the end, it goes this way: “The computer has been locked to prevent your illegal activities on the Internet. To unlock the computer you are obliged, within 48 hours of receiving this notice, to pay a fine of 100 GBP”. Mind the grammar of this message – it appears as though it was written by someone who is apparently not a native English speaker. So, what do you do to actually unlock your machine and stop this noxious alert from appearing further? Here’s the plan: reboot your PC. When the Operating System starts to load, keep hitting F8 to get into Safe Mode or Safe Mode with Networking. Then, go to this page and download the spyware removal tool below. Run a scan and get the trojan deleted. If anything goes wrong during this procedure, please let us know.