SweeperLab

By Domesticus in Rogue Anti-Spyware Program

Threat Scorecard

Threat Level: 80 % (High)
Infected Computers: 1,278
First Seen: November 28, 2011
Last Seen: October 3, 2022
OS(es) Affected: Windows

SweeperLab Image

SweeperLab – A Threat Hailing from Korea

SweeperLab is part of a group of fake security programs that are designed to target victims located in Korea. Because this program's interface and pop-up messages are all in Korean, computer users not familiar with this language may have become alarmed at the presence of this disruptive program in their computer. However, regardless of your location, the way to deal with SweeperLab is to use a legitimate security program to remove SweeperLab automatically, preferably after restarting Windows in Safe Mode. In fact, not being able to understand this dangerous application's language may even be an advantage, since SweeperLab is a fake anti-virus program designed entirely to steal you money through a well-known online scam. Do not become a victim of SweeperLab; protect your computer system and remove this dangerous malware presence at once.

Understanding the SweeperLab Scam

SweeperLab follows the same pattern as most rogue security applications, in its attempt to scam its victims. Like most rogue security programs, the SweeperLab scam involves making the victim believe that their computer system has become severely infected with a large variety of dangerous malware. Most of the time, though, the malware on the victim's computer is SweeperLab itself, or malware directly related to this infection. Once the victim believes that his/her computer system is in danger, SweeperLab offers to remove all the fake infections, if the victim decides to purchase the useless 'full version' of this fake security program. ESG security researchers strongly advise against paying for SweeperLab, as this program has no anti-virus capabilities at all. Some ways in which SweeperLab attempts to convince its victims that their computer is in danger include the following:

  1. SweeperLab will run a highly-visible fake scan of the victim's computer system, claiming to have found a large list of potential problems and malware infections.
  2. SweeperLab will also pester its victim with a large number of security alerts, fake system alerts, error message, and pop-up messages from the task bar. These will all claim that the victim's computer is infected.
  3. SweeperLab can block access to certain applications and files, usually claiming that access cannot be granted, because the file in question is infected. While this is done to convince victims that their computer is infected, it also helps SweeperLab protect itself, by disabling any legitimate security programs on the victim's computer system.
  4. In the same vein, SweeperLab blocks access to the Internet, forcing its victim to visit SweeperLab's own website instead. This prevents the victim from looking for help online.

File System Details

SweeperLab may create the following file(s):
# File Name Detections
1. C:\Program Files\SweeperLab\SweeperLabLaunch.exe
2. %StartMenu%\SweeperLab
3. %ProgramFiles%\SweeperLab

Registry Details

SweeperLab may create the following registry entry or registry entries:
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\SweeperLabUp.exe
HKEY_CURRENT_USER\Software\SweeperLab
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "SweeperLab"
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SweeperLab

Trending

Most Viewed

Loading...