The LastDefender, WinIFixer

Posted by Marcin on February 29th, 2008

Two more rogues were spotted by Bruce this afternoon. Details below.

The LastDefender

Here are the interfaces of the actual rogue applications:

The LastDefender

WinIFixer

If you have seen any of the windows above on your computer, it is recommended that you follow these instructions. We have provided removal instructions for anybody unfortunate enough to have downloaded these applications.

Removal instructions for The LastDefender
Removal instructions for WinIFixer

Marcin Kleczynski

SpyWatchE

Posted by Marcin on February 28th, 2008

Just found this last night.

SpyWatchE

If you have seen any of the windows above on your computer, it is recommended that you follow these instructions. We have provided removal instructions for anybody unfortunate enough to have downloaded these applications.

Removal instructions for SpyWatchE

Marcin Kleczynski

SpySnipe

Posted by Marcin on February 27th, 2008

I received an e-mail from a user asking me to blog about this rogue and figured I might as well. I had Bruce, our database guy, visit the SpySnipe website and test out the application. He did a lot more research and it is safe to say we were surprised! This rogue was installed via multiple trojans and literally spewed popups all over our test machines. Stay away from this rogue application.

SpySnipe

Here is the interface of the rogue application:

SpySnipe

If you have seen any of the windows above on your computer, it is recommended that you follow these instructions. We have provided removal instructions for anybody unfortunate enough to have downloaded these applications.

Removal instructions for SpySnipe

Marcin Kleczynski

OnlineGuard

Posted by Marcin on February 27th, 2008

As you have probably guessed by now, OnlineGuard does nothing to help guard your Internet. This is a rogue anti-spyware application and, as always, we have provided removal instructions below.

OnlineGuard

Here is the interface of the rogue application:

OnlineGuard

If you have seen any of the windows above on your computer, it is recommended that you follow these instructions. We have provided removal instructions for anybody unfortunate enough to have downloaded these applications.

Removal instructions for OnlineGuard

Marcin Kleczynski

Antispyboss, MalwareAlarm

Posted by Marcin on February 21st, 2008

These are the same types of rogue applications as reported in the previous post. They are installed when a user clicks a popup alert as shown below. Here are some alerts that the user may be presented with:

Antispyboss

MalwareAlarm

Here are the interfaces of the actual rogue applications:

Antispyboss

MalwareAlarm

If you have seen any of the windows above on your computer, it is recommended that you follow these instructions. We have provided removal instructions for anybody unfortunate enough to have downloaded these applications.

Removal instructions for Antispyboss
Removal instructions for MalwareAlarm

Marcin Kleczynski

AdwareRemover 2007, WinXDefender

Posted by Marcin on February 19th, 2008

These rogue applications are installed by the user after a fake warning is displayed. The user is fooled by phrases such as “Your computer is infected with SPYWARE” and “Warning! Your system might be at risk!” Obviously these alerts simply want to draw you in and force you to buy an application that will not do anything but sit there and lie to you.

Here are some alerts that the user may be presented with:

AdwareRemover 2007

WinXDefender

Here are the interfaces of the actual rogue applications:

AdwareRemover 2007

WinXDefender

If you have seen any of the windows above on your computer, it is recommended that you follow these instructions. We have provided removal instructions for anybody unfortunate enough to have downloaded these applications.

Removal instructions for AdwareRemover 2007
Removal instructions for WinXDefender

Marcin Kleczynski

SpyBurner (cont’d)

Posted by Marcin on February 18th, 2008

I have received a few e-mails asking what the following files and HijackThis entries are:

C:\WINDOWS\comsysobj.exe
C:\WINDOWS\shellexcon.exe
C:\WINDOWS\win32st.exe
C:\WINDOWS\winstrse.exe

O4 - HKLM\..\Run: [SMSERIALWORKSTARTER] "C:\WINDOWS\comsysobj.exe"
O4 - HKLM\..\Run: [SMSERIALWORKERSTART] "C:\WINDOWS\shellexcon.exe"
O4 - HKLM\..\Run: [SMSERIALSTARTER] "C:\WINDOWS\win32st.exe"
O4 - HKLM\..\Run: [SMSERIALWORKERSTARTER] "C:\WINDOWS\winstrse.exe"

These are part of the SpyBurner infection. If you need help removing them, please visit our SpyBurner removal guide below.

Removal instructions for SpyBurner

Marcin Kleczynski
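
An added example, not part of the original post and not Malwarebytes code: a small checker that reads HijackThis O4 (autorun) lines and flags any whose executable is one of the four SpyBurner files listed in the post. The sample log is constructed for illustration, and the function names are hypothetical; the matcher compares paths case-insensitively and tolerates the typographic quotes that blog or forum software substitutes into pasted logs.

```python
import re

# File paths the post attributes to the SpyBurner infection (lower-cased,
# because Windows paths are case-insensitive).
SPYBURNER_FILES = {
    r"c:\windows\comsysobj.exe",
    r"c:\windows\shellexcon.exe",
    r"c:\windows\win32st.exe",
    r"c:\windows\winstrse.exe",
}

# HijackThis autorun line: O4 - <hive>\..\<key>: [<value name>] <command>
O4_RE = re.compile(
    r"^O4 - (?P<hive>HK\w+)\\\.\.\\(?P<key>[^:]+): \[(?P<name>[^\]]*)\] (?P<cmd>.+)$"
)
# Curly quotes introduced by publishing software become plain quotes.
QUOTES = str.maketrans({"\u201c": '"', "\u201d": '"'})

def image_path(cmd):
    """Return the executable path from a Run-key command line."""
    cmd = cmd.translate(QUOTES).strip()
    if cmd.startswith('"'):
        end = cmd.find('"', 1)
        return cmd[1:end] if end != -1 else cmd[1:]
    # Unquoted: cut at the first executable extension so arguments are dropped.
    m = re.match(r"(.+?\.(?:exe|com|bat|scr|dll))\b", cmd, re.I)
    return m.group(1) if m else cmd

def scan(log_text):
    """Return (value name, path) for each O4 entry pointing at a listed file."""
    hits = []
    for line in log_text.splitlines():
        m = O4_RE.match(line.strip())
        if m and image_path(m["cmd"]).lower() in SPYBURNER_FILES:
            hits.append((m["name"], image_path(m["cmd"])))
    return hits

# Constructed sample log: three listed entries in different spellings, one
# unrelated autorun (hypothetical ExampleUpdater) and one non-O4 line.
SAMPLE_LOG = r"""
O2 - BHO: (no name) - {00000000-0000-0000-0000-000000000000} - (no file)
O4 - HKLM\..\Run: [SMSERIALWORKSTARTER] “C:\WINDOWS\comsysobj.exe”
O4 - HKLM\..\Run: [SMSERIALSTARTER] "c:\windows\WIN32ST.EXE"
O4 - HKLM\..\Run: [SMSERIALWORKERSTARTER] C:\WINDOWS\winstrse.exe /s
O4 - HKLM\..\Run: [ExampleUpdater] "C:\Program Files\Example\updater.exe" /background
"""

if __name__ == "__main__":
    for name, path in scan(SAMPLE_LOG):
        print(f"SpyBurner autorun: [{name}] {path}")
```

A match only means the log references one of the listed paths; removal still follows the SpyBurner guide linked from the post.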

SpyBurner

Posted by Marcin on February 16th, 2008

Contrary to what one may think, this will do everything but burn spyware. SpyBurner is a rogue anti-spyware application that installs via a trojan. The trojan notifies you that your computer is infected and asks you to download SpyBurner.

SpyBurner

We have provided removal instructions for anybody unfortunate enough to have downloaded this application.

Removal instructions for SpyBurner

Marcin Kleczynski

SysCleaner, SystemDefender

Posted by Marcin on February 15th, 2008

These rogue applications are a bit older, but I decided to point them out on the blog for a couple of reasons. SystemDefender is installed by quite a few crack sites and is one of the most aggressive rogue applications I have seen. This application continuously brings up warnings that your computer is infected and that you should buy their program. What else is new?

SysCleaner

SystemDefender

We have provided removal instructions for anybody unfortunate enough to have downloaded these applications.

Removal instructions for SysCleaner
Removal instructions for SystemDefender

Marcin Kleczynski

WinReanimator

Posted by Marcin on February 15th, 2008

A new rogue has decided to pop up again. This one installs through the Vundo trojan. It drops fake malware and then pretends to detect it, hoping you will buy the program.

WinReanimator

We have provided removal instructions for anybody unfortunate enough to have downloaded this application.

Removal instructions for WinReanimator

Marcin Kleczynski


Copyright © 2008 Malwarebytes Blog. All rights reserved.