Antispy.microsoft.com

Antispy.microsoft.com is a browser hijacker promoting the rogue anti-spyware application known as Antivirus System PRO. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Antispy.microsoft.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Antivirus System PRO.

Posted on July 15, 2009 in Rogue Websites

W32.Slegon

W32.Slegon (also known as W32/Slegon.Worm) is a worm that spreads via removable storage devices and mapped network drives. Once active, W32.Slegon attempts to connect to a remote server in order to download additional malware onto the infected computer system. W32.Slegon may also modify registry entries in order to begin running as soon as Windows starts up.

Posted on July 15, 2009 in Worms

Win32/Pdfjsc.AV

Win32/Pdfjsc.AV is a trojan virus that may exploit the many varying weaknesses in pdf (portable document format) files on a computer in order to command the associated browser hijackers that connect infected computer systems to specified websites. These websites then deliver commercial malware, such as rogue anti-spyware programs, onto the computer by either coercing users to manually download and install adware, pay immediately to install full versions or dropping the adware from a backdoor if the malware contains relevant prohibited malicious scripts.

Posted on July 14, 2009 in Trojans

Pcsecurity-2009.com

Pcsecurity-2009.com is a browser hijacker promoting the rogue anti-spyware application known as PC Security 2009. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Pcsecurity-2009.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover PC Security 2009.

Posted on July 14, 2009 in Rogue Websites

Trojan.Rustock

Trojan.Rustock (variants Trojan.Rustock-N and Trojan.Rustock-B) is a virus that holds many functions, though some have yet to be studied. Trojan.Rustock may support the download of additional malware using the method of browser hijacking, causing the browser to launch numerous fake security alerts in an attempt to intimidate the user into believing that the system is infected. Trojan.Rustock has also been named by mailing service as one of the reasons why mail cannot be received from specific IP addresses.

Posted on July 14, 2009 in Trojans

VBS.Sasan

VBS.Sasan (alternatively known as Worm.VBS.Sasan.A) is a worm that was created in .VBS language and is capable of altering the registry so that VBS.Sasan may begin running as soon as Windows starts up. VBS.Sasan may then endeavor to download and install additional malware onto the compromised computer system, causing serious performance degradation.

Posted on July 14, 2009 in Worms

Sdbot-XK

Sdbot-XK, also referred to as Win32/Sdbot-XK, is a network worm that provides backdoor access to an infected computer by which unapproved downloads and installations may occur. Sdbot-XK usually spreads by exploiting the weaknesses in LSASS, RPC DCOM, WorkStation service, Microsoft SQL 2000, and Microsoft SQL servers with weak passwords. Once active, Sdbot-XK may then move itself to the Windows system folder under the designation b.exe. Sdbot-XK then alters specific registry values in order to begin operating as soon as Windows starts up, in addition to disabling Windows Internet Connection Firewall, Automatic Updates and Security Center.

Posted on July 14, 2009 in Worms

Fake Windows Malicious Software Removal Tool

Fake Windows Malicious Software Removal Tool is a fake security application that pretends to be the MSRT or Malicious Software Removal Tool which is a legitimate security program offered by Microsoft. Fake Windows Malicious Software Removal Tool is designed by hackers to trick computer users into purchasing a fake security application. Fake Windows Malicious Software Removal Tool is exploited through a Trojan infection which is known to populate the program files directory with a malicious executable named "MalwareRemoval.exe" and install a "MalwareRemoval" directory with the "Security Center.exe" file. Upon starting up of Windows, MalwareRemoval.exe will load and then display a screen that resembles the legitimate MSRT application in hopes that a computer user will click on a function to remove certain infections that it supposedly...

Posted on July 13, 2009 in Rogue Anti-Spyware Program

Anti-virus-best.info

Anti-virus-best.info is a browser hijacker promoting the rogue anti-spyware application known as AntivirusBEST. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Anti-virus-best.info domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover AntivirusBEST.

Posted on July 13, 2009 in Rogue Websites

Trojan.Dozer

Trojan.Dozer is a virus that performs distributed denial of service (DDoS) attacks. It arrives on a computer via spam email attachment, and once it has entered a computer and become active, Trojan.Dozer attempts to connect to specific IP addresses in order to open a backdoor for an unauthorized remote user to gain access to the system. This may lead to identity theft. Trojan.Dozer also downloads additional malware onto the compromised machine, while trying to replace the master boot record and searching for files with certain extensions, in order to delete the ones it cannot open or that are zero bytes in size.

Posted on July 13, 2009 in Trojans

Antiviruspcscannerv7.com

Antiviruspcscannerv7.com is a browser hijacker promoting the rogue anti-spyware application known as Personal Antivirus. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Antiviruspcscannerv7.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Personal Antivirus.

Posted on July 13, 2009 in Rogue Websites

Antimalwarecheckv6.com

Antimalwarecheckv6.com is a browser hijacker promoting the rogue anti-spyware application known as Personal Antivirus. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Antimalwarecheckv6.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Personal Antivirus.

Posted on July 13, 2009 in Rogue Websites

Itsecure.microsoft.com

Itsecure.microsoft.com is a browser hijacker promoting the rogue anti-spyware application known as Antivirus System PRO. Itsecure.microsoft.com is not part of the Microsoft Corporation. Hackers use legitimate company names to mislead computer users hoping that users will fall for a scam. The rogue website Itsecure.microsoft.com is not related or affiliated with Microsoft. Due to affiliated trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Itsecure.microsoft.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate or persuade the user into purchasing the fake spyware remover Antivirus System PRO.

Posted on July 13, 2009 in Rogue Websites

Spyware XP Guard

Spyware XP Guard is a rogue anti-spyware application that infiltrates a computer with the assistance of trojan viruses. Once active, Spyware XP Guard bombards the system with countless falsified security alerts in order to scare the user into thinking the computer is infected. These are followed by fake system scans displaying fictitious or sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Spyware XP Guard.

Posted on July 10, 2009 in Rogue Anti-Spyware Program

Spywareurladvisor.com

Spywareurladvisor.com is a browser hijacker promoting the rogue anti-spyware application known as Personal Antivirus. Due to trojans infiltrating the computer via security exploits and modifying the browser settings, web-surfing activities are redirected to the Spywareurladvisor.com domain. Once here, the computer is subject to a fake online scan that displays fictitious and sometimes grossly exaggerated infection results, all in order to intimidate the user into purchasing the fake spyware remover Personal Antivirus.

Posted on July 10, 2009 in Rogue Websites