VBS.Sasan

VBS.Sasan (alternatively known as Worm.VBS.Sasan.A) is a worm that was created in .VBS language and is capable of altering the registry so that VBS.Sasan may begin running as soon as Windows starts up. VBS.Sasan may then endeavor to download and install additional malware onto the compromised computer system, causing serious performance degradation.

Posted on July 14, 2009 in Worms

Sdbot-XK

Sdbot-XK, also referred to as Win32/Sdbot-XK, is a network worm that provides backdoor access to an infected computer by which unapproved downloads and installations may occur. Sdbot-XK usually spreads by exploiting the weaknesses in LSASS, RPC DCOM, WorkStation service, Microsoft SQL 2000, and Microsoft SQL servers with weak passwords. Once active, Sdbot-XK may then move itself to the Windows system folder under the designation b.exe. Sdbot-XK then alters specific registry values in order to begin operating as soon as Windows starts up, in addition to disabling Windows Internet Connection Firewall, Automatic Updates and Security Center.

Posted on July 14, 2009 in Worms

Fake Windows Malicious Software Removal Tool

Fake Windows Malicious Software Removal Tool is a fake security application that pretends to be the MSRT or Malicious Software Removal Tool which is a legitimate security program offered by Microsoft. Fake Windows Malicious Software Removal Tool is designed by hackers to trick computer users into purchasing a fake security application. Fake Windows Malicious Software Removal Tool is exploited through a Trojan infection which is known to populate the program files directory with a malicious executable named "MalwareRemoval.exe" and install a "MalwareRemoval" directory with the "Security Center.exe" file. Upon starting up of Windows, MalwareRemoval.exe will load and then display a screen that resembles the legitimate MSRT application in hopes that a computer user will click on a function to remove certain infections that it supposedly...

Posted on July 13, 2009 in Rogue Anti-Spyware Program

Anti-virus-best.info

Anti-virus-best.info is a browser hijacker promoting the rogue anti-spyware application known as AntivirusBEST. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Anti-virus-best.info domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover AntivirusBEST.

Posted on July 13, 2009 in Rogue Websites

Trojan.Dozer

Trojan.Dozer is a virus that performs distributed denial of service (DDoS) attacks. It arrives on a computer via spam email attachment, and once it has entered a computer and become active, Trojan.Dozer attempts to connect to specific IP addresses in order to open a backdoor for an unauthorized remote user to gain access to the system. This may lead to identity theft. Trojan.Dozer also downloads additional malware onto the compromised machine, while trying to replace the master boot record and searching for files with certain extensions, in order to delete the ones it cannot open or that are zero bytes in size.

Posted on July 13, 2009 in Trojans

Antiviruspcscannerv7.com

Antiviruspcscannerv7.com is a browser hijacker promoting the rogue anti-spyware application known as Personal Antivirus. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Antiviruspcscannerv7.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Personal Antivirus.

Posted on July 13, 2009 in Rogue Websites

Antimalwarecheckv6.com

Antimalwarecheckv6.com is a browser hijacker promoting the rogue anti-spyware application known as Personal Antivirus. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Antimalwarecheckv6.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Personal Antivirus.

Posted on July 13, 2009 in Rogue Websites

Itsecure.microsoft.com

Itsecure.microsoft.com is a browser hijacker promoting the rogue anti-spyware application known as Antivirus System PRO. Itsecure.microsoft.com is not part of the Microsoft Corporation. Hackers use legitimate company names to mislead computer users hoping that users will fall for a scam. The rogue website Itsecure.microsoft.com is not related or affiliated with Microsoft. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Itsecure.microsoft.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate or persuade the user into purchasing the fake spyware remover Antivirus System PRO.

Posted on July 13, 2009 in Rogue Websites

Spyware XP Guard

Spyware XP Guard is a rogue anti-spyware application that infiltrates a computer with the assistance of trojan viruses. Once active, Spyware XP Guard bombards the system with countless falsified security alerts in order to scare the user into thinking the computer is infected. These are followed by fake system scans displaying fictitious or sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Spyware XP Guard.

Posted on July 10, 2009 in Rogue Anti-Spyware Program

Spywareurladvisor.com

Spywareurladvisor.com is a browser hijacker promoting the rogue anti-spyware application known as Personal Antivirus. Due to trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Spywareurladvisor.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Personal Antivirus.

Posted on July 10, 2009 in Rogue Websites

MProtect 2009

MProtect 2009 is a rogue anti-spyware application originating from the same family as Malware Protection 2009. MProtect 2009 spreads by way of trojans and malicious websites, infiltrating computers in order to flood the user with popup windows and fake security alerts, in order to trick the user into believing that the computer is compromised and the only solution is to purchase and download the commercial version of the fake spyware remover MProtect 2009. Fabricated system scan results also accomplish this goal.

Posted on July 10, 2009 in Rogue Anti-Spyware Program

Media System Codec

Media System Codec is a malicious software masquerading as a video or audio codec. Advertised as a coder/decoder required for loading and viewing specific media files on fraudulent and most often malicious websites, what the user typically receives after installing Media System Codec is adware. Media System Codec has been known to display a large quantity of unwanted popup advertisements.

Posted on July 10, 2009 in Malware

PC Security 2009

PC Security 2009 screenshot

PC Security 2009 is a rogue security application that is part of the same family as Home Antivirus 2009 and WinReanimator, both rogue anti-spyware programs. Through many aggressive and misleading tactics, PC Security 2009 attempts to force computer users into purchasing a full version of PC Security 2009. The Trojan infection called Trojan-Downloader.Braviax may be responsible for installing the PC Security 2009 application without permission from the computer administrator. Fake warnings, popup messages and system scans are all part of PC Security 2009's scam to tempt purchase. One of the fake warnings displayed by PC Security 2009 reads similar to the following: "WARNING! PC Security...

Posted on July 9, 2009 in Rogue Anti-Spyware Program

Top 20 Countries Found to Have the Most Cybercrime

Have you ever wondered which countries face the most cybercrime? If you have ever wondered which countries have the most cybercrime, then you may be surprised to know that there are few contributing factors that attract cybercriminals to specific regions of the world. Security research firm, Symantec, has discovered specific factors that determine why a certain country is plagued with cybercrime more so or less than another which allowed them to come up with a ranking for each. Symantec has ranked 20 countries that face, or cause, the most cybercrime. In compiling such a list, Symantec was able to quantify software code that interferes with a computer's normal functions, rank zombie systems, and observe the number of websites that host phishing sites, which are designed to trick computer users into disclosing personal data or banking...

Posted on July 9, 2009 in Computer Security

Adware.Component.Toolbars

Adware.Component.Toolbars is a false security threat created and launched by the rogue anti-spyware application Smart Defender PRO, in order to scare users into purchasing the malicious program. Adware.Component.Toolbars notification reads as follows: "INFILTRATION ALERT. Your computer is being attacked from Internet. It could be a password-stealing attack, a trojan-dropper and so on. DETAILS: Attack from 119.226.114.205; Attacked port: 21373; Threat: Adware.Component.Toolbars. Do you want this program to block this attack?" Unfortunately, ignoring this message is not an option, while accepting the prompts will cause you to purchase and download the fake spyware remover Smart Defender PRO. It is important that you remove both Adware.Component.Toolbars and Smart Defender PRO as soon as they are detected.

Posted on July 9, 2009 in Fake Error Messages