Bogema Security

By CagedTech in Rogue Anti-Virus Program


ESG malware researchers have classified Bogema Security as a dangerous rogue anti-virus utility. This program, distributed on the domain, is a dangerous malware infection disguised as a legitimate anti-virus utility. Bogema Security is promoted through an ambitious Internet marketing campaign, which includes a very convincing website, a wiki, blogs, fake commenters and fake reviews on software download and rating websites. ESG malware researchers recommend strongly that you do not download or install Bogema Security. Most importantly, avoid entering your credit card information into Bogema Security's "registration" form, or into this rogue's official website. Bogema Security and Bogema Security's clones have been associated with cases of identity theft and credit card fraud.

Bogema Security’s Partners in Crime

Bogema Security is not unique. In fact, to make detection and eradication more difficult for PC security researchers, the hackers behind Bogema Security have created a large number of clones. Some clones of Bogema Security include Ultimate Guard, Unlimited Guard, Ultimate Defender, Unlimited Defender, Clean Security, Ultimate Scan, and many others. All of these clones of Bogema Security have a similarly large Internet marketing campaign behind them, and a strong search engine presence.

What the Makers of Bogema Security Really Want

Ignore the bogus information on Bogema Security's websites; the makers of Bogema Security are not interested in your computer's security. The main goal of rogue programs like Bogema Security is to steal your money. To do this, Bogema Security has components that make your computer unstable and hinder regular operations such as launching executable files or browsing the Internet. Bogema Security may also be accompanied by a Trojan designed to relay your browsing habits to a third party. The ESG malware research team recommends removing Bogema Security with a trustworthy anti-malware program. If Bogema Security is blocking its own removal, starting up Windows in Safe Mode will usually prevent Bogema Security from loading.

Things to Keep in Mind When Removing Bogema Security

The ESG team of malware researchers recommends running a full scan of your computer system once you have removed Bogema Security, or even if you have only visited Bogema Security's website. Rogue security programs like Bogema Security seldom attack alone, and there may have been additional malware installed on your computer. ESG malware researchers also recommend changing your passwords and safeguarding your personal information, since these may have been compromised while Bogema Security was installed on your computer system.

File System Details

Bogema Security may create the following file(s):
# File Name Detections
1. %Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe
2. %Documents and Settings%\[UserName]\Local Settings\Temp\[RANDOM CHARACTERS]
3. %Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS]
4. %Documents and Settings%\All Users\Application Data\[RANDOM CHARACTERS]

Registry Details

Bogema Security may create the following registry entry or registry entries:
HKEY_CURRENT_USER\Software\Classes\.exe\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe"'
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "FirewallOverride" = '1'
HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%Program Files%\Mozilla Firefox\firefox.exe" -safe-mo
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center "AntiVirusOverride" = '1'
HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\BrowserEmulation "TLDUpdates" = '1'
HKEY_CLASSES_ROOT\.exe\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exe" -a "%1" %*'
HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command "(Default)" = '"%Documents and Settings%\[UserName]\Local Settings\Application Data\[RANDOM CHARACTERS].exee" -a "%Program Files%\Internet Explorer\iexplore.exe"'
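
The registry entries above follow three patterns: the `.exe`/`exefile` open command is replaced, browser launch commands are wrapped by a per-user executable, and Security Center override values are set to 1. The following check for those patterns is an added example, not ESG's tooling; `audit`, `first_program` and `SAMPLE` are hypothetical names, the sample values are constructed, and it assumes the stock `exefile` handler is `"%1" %*`.

```python
import re

# Stock Windows handler for exefile: run the clicked program with its arguments (assumption).
DEFAULT_EXE_HANDLER = '"%1" %*'
EXE_HANDLER_KEY = re.compile(r'\\(\.exe|exefile)\\shell\\open\\command$', re.I)
BROWSER_KEY = re.compile(r'\\Clients\\StartMenuInternet\\[^\\]+\\shell\\[^\\]+\\command$', re.I)
PER_USER_DIR = re.compile(r'\\(Local Settings\\)?(Application Data|AppData|Temp)\\', re.I)
OVERRIDES = {"firewalloverride", "antivirusoverride"}


def first_program(command):
    """Return the executable that a shell command line launches first."""
    m = re.match(r'\s*"([^"]+)"|\s*(\S+)', command)
    return (m.group(1) or m.group(2)) if m else ""


def audit(entries):
    """entries: iterable of (key, value_name, data). Returns a list of (finding, location)."""
    findings = []
    for key, name, data in entries:
        if EXE_HANDLER_KEY.search(key) and name == "(Default)":
            if data.strip() != DEFAULT_EXE_HANDLER:
                findings.append(("exe-handler-hijack", key))
        elif BROWSER_KEY.search(key) and name == "(Default)":
            if PER_USER_DIR.search(first_program(data)):
                findings.append(("browser-launcher-wrapped", key))
        elif key.lower().endswith(r"\microsoft\security center"):
            if name.lower() in OVERRIDES and str(data) == "1":
                findings.append(("security-center-override", f"{key}\\{name}"))
    return findings


# Constructed sample values (not taken from an infected machine); "abc.exe" is a placeholder name.
SAMPLE = [
    (r"HKEY_CURRENT_USER\Software\Classes\exefile\shell\open\command", "(Default)",
     r'"C:\Documents and Settings\user\Local Settings\Application Data\abc.exe" -a "%1" %*'),
    (r"HKEY_CLASSES_ROOT\exefile\shell\open\command", "(Default)", '"%1" %*'),
    (r"HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command", "(Default)",
     r'"C:\Documents and Settings\user\Local Settings\Application Data\abc.exe" -a "C:\Program Files\Mozilla Firefox\firefox.exe"'),
    (r"HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command", "(Default)",
     r'"C:\Program Files\Internet Explorer\iexplore.exe"'),
    (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center", "FirewallOverride", "1"),
    (r"HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center", "AntiVirusOverride", "0"),
]

if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(*finding, sep=": ")
```

The entries can be fed from an exported registry listing; a hijacked `exefile` handler is also why the page's Safe Mode advice matters, since every program launch is routed through the rogue executable until the value is restored.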

