
System Defender

  • Post author: Omid Farhang
  • Post published: January 21, 2010
  • Reading Time: 1 min
  • Word Count: 143 words

System Defender is a rogue antispyware program, or a PC infection made to look like real security software. System Defender is a scam designed to trick people out of their money. If your PC has been infected with System Defender, you will most likely experience the following symptoms:

  • System scans that report numerous infections, yet require purchase of System Defender before it will remove the infections (these are fictitious scan results)
  • Alerts and pop-up system warnings stating the PC is infected and recommending purchase of System Defender (these warnings are fake)
  • Web browser redirecting to random websites (these websites are owned by cyber thieves and will further infect your PC)
  • System Defender preventing other programs from opening, stating they are infected (the programs are not infected)

System Defender is a very serious computer infection and should be removed from infected machines immediately. ...


ProtectSoldier

  • Post author: Omid Farhang
  • Post published: January 21, 2010
  • Reading Time: 1 min
  • Word Count: 71 words

ProtectSoldier is the latest rogue antispyware program released by cyber thieves to terrorize PC users. ProtectSoldier is a phony security program that tricks people into buying the software with false security warnings and system scans. By displaying false system warnings, pop-up alerts warning of infections, and system scans that state the PC has numerous infections, cyber thieves rip people off by demanding the user buy the program to remove the supposed infections. ...


ArmorDefender

  • Post author: Omid Farhang
  • Post published: January 21, 2010
  • Reading Time: 1 min
  • Word Count: 71 words

ArmorDefender is the latest rogue antispyware program released by cyber thieves to terrorize PC users. ArmorDefender is a phony security program that tricks people into buying the software with false security warnings and system scans. By displaying false system warnings, pop-up alerts warning of infections, and system scans that state the PC has numerous infections, cyber thieves rip people off by demanding the user buy the program to remove the supposed infections. ...


Antivirus360

  • Post author: Omid Farhang
  • Post published: January 21, 2010
  • Reading Time: 1 min
  • Word Count: 73 words

Antivirus360 is a phony antivirus program, designed to rip people off. Cyber thieves who created phony software like Antivirus360 use scare tactics to frighten people into buying the software. Antivirus360 will show false security warnings and scan results stating the PC is infected and request payment for the software to remove the supposed infections. Antivirus360 is a complete scam and a potentially very dangerous PC infection that should be removed from infected computers. ...


ProtectDefender

  • Post author: Omid Farhang
  • Post published: January 21, 2010
  • Reading Time: 1 min
  • Word Count: 9 words

ProtectDefender is a new clone of the WiniGuard family.


GhostAntivirus

  • Post author: Omid Farhang
  • Post published: January 16, 2010
  • Reading Time: 1 min
  • Word Count: 13 words

GhostAntivirus is a new rogue anti-virus application. It is a clone of InternetAntivirusPro.


New Koobface variant saves researchers time from analysis

  • Post author: Omid Farhang
  • Post published: January 16, 2010
  • Reading Time: 2 min
  • Word Count: 396 words

Researchers at McAfee Labs monitor Koobface activities 24/7 via custom honeypots, and while reviewing one such update we noticed a variant that had debug/log features. Unlike the traditional captcha breaking technique to create new accounts, this variant of the worm converts the infected machine to a bot. When we analysed the malware trapped in our botnet, we found that this variant of Koobface has a special feature for logging all activities carried out during the infection process in a log file. The log file is created under the system root with a date and time stamp, e.g., C:\fb_reg20090612.log. ...


Rimecud and Hamweq – birds of a feather

  • Post author: Omid Farhang
  • Post published: January 13, 2010
  • Reading Time: 2 min
  • Word Count: 227 words

Following the addition of Win32/Hamweq to the MSRT last month, MMPC will continue cleaning PCs in 2010 by adding another prevalent worm, Win32/Rimecud, to this month’s removal tool. This is due not only to Win32/Rimecud’s high detection numbers, which immediately follow those of Win32/Hamweq, but also to the similarities the two families share with each other. In fact, as part of its payload, Win32/Hamweq may download Win32/Rimecud, contributing to Rimecud’s suitability as the next target for MSRT. ...


SysDefenders

  • Post author: Omid Farhang
  • Post published: January 13, 2010
  • Reading Time: 1 min
  • Word Count: 35 words

SysDefenders is the latest addition to the clones of the WiniGuard rogue anti-spyware family. If your computer is infected with the above malware, you should remove it soon. Click here to learn how to remove it.


Registered malware

  • Post author: Omid Farhang
  • Post published: January 13, 2010
  • Reading Time: 2 min
  • Word Count: 300 words

Malware authors love to innovate when it comes to persistence and hiding their nefarious creations from detection, and although most of the schemes are not unknown to analysts, they still show that malware authors are constantly on the prowl and evolving their techniques. The example I have is of yet another registry-centric malware which by the nature of its construction has several advantages in defeating naive security software. The sample, detected as Troj/RegExec-A, is essentially a multi-component threat of sorts comprising at least 3 components (Dropper/installer, Payload and Loader). ...
