A typical deceptive campaign disguises harmful threats as legitimate security programs in order to steal money from inexperienced victims. AntiMalware is a particularly short-named version of this campaign, with clones named Active Security and Total Security, among others. AntiMalware uses an interface that is very similar to Windows Defender and other legitimate Microsoft security programs, to make the victim believe that AntiMalware is a legitimate anti-malware application. Observing AntiMalware's design, you will quickly spot authentic-looking Windows and Microsoft Security Essentials logos as well as a layout that may seem familiar to most users of legitimate Microsoft Security...

Posted on November 9, 2009 in Rogue Anti-Spyware Program


Malware.Fishel is a Trojan that may open a conduit through which numerous malware programs can be transported onto a victim's computer system. Malware.Fishel may place a victim's financial and private information at risk of identity theft. Malware.Fishel is a serious computer threat that should be removed immediately after it is detected.

Posted on November 9, 2009 in Trojans


Adware.Aureate is a bothersome adware program that monitors victims' browsing habits. Adware.Aureate displays advertising pop-ups and banners according to the type of websites accessed by the victim. Users who do not require Adware.Aureate on their computers may remove the adware program with anti-spyware software.

Posted on November 9, 2009 in Adware


Mal/FakeAv-BC is a Trojan that is involved in the distribution of rogue security applications. Once Mal/FakeAv-BC has managed to infiltrate a PC, a fake system scan will be conducted and irritating pop-ups will be displayed. Mal/FakeAv-BC may also modify the hosts file in order to block access to certain security websites. Mal/FakeAv-BC should be removed immediately as it can cause damage to your system.

Posted on November 9, 2009 in Trojans


Packed.Generic.265 is a malignant Trojan with the ability to hide its presence on a compromised PC. Packed.Generic.265 may spread via infected web links or drive-by downloads. Packed.Generic.265 may be a threat to the confidential information stored on a victim's PC. Should you detect Packed.Generic.265 on your PC, remove it immediately with a recognized security tool.

Posted on November 9, 2009 in Trojans


W32/AutoRun-AUJ is a network-aware worm that may put your computer and the information stored on it at risk. W32/AutoRun-AUJ can spread by copying itself to other existing networks. W32/AutoRun-AUJ may lead to the loss of sensitive data or other faults such as slow system performance. Victims are advised to use a security application to completely remove W32/AutoRun-AUJ.

Posted on November 9, 2009 in Worms


Backdoor:Win32/Poison.M gives remote attackers access to a user's PC by opening a backdoor into the system. Backdoor:Win32/Poison.M allows for the installation of additional parasites onto a victim's PC. The additional parasites may include proxy Trojans used to transmit spam, or keylogger Trojans that record keystrokes and send the data to remote attackers. It is advisable to remove Backdoor:Win32/Poison.M as soon as it is detected.

Posted on November 9, 2009 in Backdoors


Malware.Harakit is a worm that spreads via shared networks and infects as many computers as it can. Upon entering a system, Malware.Harakit may make modifications to the Windows registry in order to conceal its presence on the compromised system. Malware.Harakit may negatively affect the operation of your computer system. A reliable anti-spyware program should be used to detect and remove Malware.Harakit.

Posted on November 9, 2009 in Worms


HeurEngine.MaliciousPacker is a dangerous Trojan with stealth-mode features common to rootkits. HeurEngine.MaliciousPacker may have keylogger capabilities, enabling it to steal sensitive financial data such as passwords and credit card numbers. HeurEngine.MaliciousPacker may also allow remote attackers to install more malware onto a compromised computer. HeurEngine.MaliciousPacker is a security risk that must be removed from a PC.

Posted on November 9, 2009 in Trojans


W32.Koobface!gen is an infectious network worm that tends to target and spread through social networking sites like Facebook or MySpace. W32.Koobface!gen sends malicious messages with infected links to contacts on various social networking sites in order to spread. W32.Koobface!gen may install additional malware onto a compromised PC as well as slow down a computer's operation. W32.Koobface!gen is recognized as a security threat and should be removed if detected.

Posted on November 9, 2009 in Worms

Gumblar Domain is Active Again

It's back! The Gumblar malware home domain was found to be inactive and has since been reactivated, which means we may see an influx of hacked websites. Gumblar is known as a vicious parasite that is able to steal FTP login credentials of web pages in addition to having the ability to hijack Google search results on infected computers. Search results laced with malware have been an increasing epidemic for some time now, and with the recent restart of the Gumblar home page, gumblar(dot)cn, we may see an increase in these activities once again. The nature of Gumblar is to sneak malicious content onto a compromised website through an iframe, which displays information from another website without the users' knowledge. Gumblar also checks to see if a hacked system is running unpatched versions of Adobe...

Posted on November 6, 2009 in Computer Security


Trojan-PSW.Banker is a sneaky computer threat that hides itself in the registry files of a compromised computer. Trojan-PSW.Banker modifies a computer's settings, making it vulnerable to attackers and giving them access to a victim's sensitive information. Trojan-PSW.Banker may also enable attackers to remotely use an infected machine in malicious botnet activities. To prevent possible identity theft, remove Trojan-PSW.Banker immediately.

Posted on November 6, 2009 in Trojans


Backdoor.Win32.Bredolab.amm is a Trojan that opens a backdoor on unsuspecting victims' computers. Backdoor.Win32.Bredolab.amm is able to run in the background of a system without a user's knowledge. Backdoor.Win32.Bredolab.amm is contracted when a user unknowingly executes it by clicking on an infected e-mail attachment or link. Backdoor.Win32.Bredolab.amm may connect to a remote server and install several dangerous programs onto the victim's computer.

Posted on November 6, 2009 in Backdoors


AdWare.Win32.Nieguide is a malicious software program that displays advertising banners and pop-ups. AdWare.Win32.Nieguide may enter a user's machine via infected websites or drive-by downloads. AdWare.Win32.Nieguide may also install additional programs onto a user's machine. AdWare.Win32.Nieguide should be removed with a legitimate security tool to prevent damage to system files.

Posted on November 6, 2009 in Adware


Downloader.MisleadApp is a Trojan that downloads malicious programs onto compromised computers. Downloader.MisleadApp usually spreads through suspicious e-mail attachments or links and may slow down the performance of your computer. Once executed, Downloader.MisleadApp will install random files onto the computer, which will later trigger a number of pop-up notifications warning that the system is infected with parasites. The warnings will also advise a user to purchase a rogue anti-spyware program such as Antivirus System Pro. To completely and safely remove Downloader.MisleadApp from your computer, you will need to use a legitimate anti-spyware program.

Posted on November 6, 2009 in Trojan Downloader