Threat Description:
Win-live-care2010.com is a new part of the hideous mechanism pursuing the objective of promoting rogue security software. Win-live-care2010.com is pushing Windows Defender 2010 crimeware whcih is a general name for a group of insecure applications exploiting the same common malcode (e.g. XP Guardian or XP Antivirus Pro 2010). If one of the above-mentioned unsafe programs penetrates into your system, it will generate deceptive scanners and popup ads that erroneously report many infections and recommend you to get this whole thing fixed. It’s then that you get rerouted to Win-live-care2010.com without your consent. When on Win-live-care2010.com, you can either exit it or do what it prompts. The former option (i.e. navigating away) will prove to be merely a temporary relief because the still hijacked browser will exhibit the same activity over and over. So you will get one principal choice: to purchase Windows Defender 2010 or one of its clone rogue anti-spywares; or get rid of Win-live-care2010.com hijacker.
Threat Description:
Onecare-antivirus2010.com is entirely devoted to distributing malicious software. The site we have indicated is a browser hijacker of Windows Defender 2010 – a rogue anti-spyware product that has been ’successfully’ invading its own malicious niche in the world of scareware applications. You probably won’t run into Onecare-antivirus2010.com unless your PC gets struck by Windows Defender 2010 or any of its clone applications (there are around 10 of them on the whole). The crimeware tends to jack up the web browser on the machine it hits. This will be a reason for browser rerouting that takes place forcibly. In other words, when you try to launch your web browser you will be re-navigated to Onecare-antivirus2010.com which insists that you need to register some software you definitely do not need. This sort of activity is common with rogueware applications and targets new sales of the fraudulent licenses.
Threat Description:
Hourbrand.com is a web page designed to intimidate computer users into buying rogue anti-spyware, Virus Protector being the sponsoring scareware. Hourbrand.com looks as if it were some legit online scanner but it’s critical to know that it’s not genuine. One more essential thing to keep in mind is that if you are getting redirected to Hourbrand.com it means you have a trojan virus on your computer which is actually calling forth this annoying browser activity. Also, the web page being described in this article contains malicious scripts which, if passed over to your system, may cause some additional unwanted symptoms. Hourbrand.com tries to persuade you that it’s scanning your computer for malware and other security issues. No wonder it reports many detected items when through. The plan of Hourbrand.com hijacker pre-supposes the presence if a malignant downloader in its structure.
Threat Description:
Browsersecurecheck.com is a browser hijack originator providing online promotion to the new nasty rogue spyware remover called Antivirus 7. Browsersecurecheck.com is visited in only one case: if your system gets hijacked by a trojan horse. The trojan virus could have infiltrated your PC unnoticeably and has done some browser functioning distortion job. So, with this threat on your workstation, you won’t be able to visit sites because each time you try to you’ll end up on Browsersecurecheck.com/block.php page which reads “Warning! Visiting this site may harm your computer!”. There are two options provided there (please see below): Continue Unprotected and Get security software, the former being inactive. So as you must have figured by now, the only option is the latter one. If you click it though, you will get rerouted to one of the 2 possible payment pages supporting Antivirus 7 scam. Each of them will recommend you to become the ‘happy owner’ of Antivirus 7 software and even provide a discount of $33.30.
Threat Description:
Smart Security (also known as SmartSecurity) is a fake anti-spyware program that continues the malicious job started by Security Tool – its direct precursor. Apparently, Smart Security as been released to bring its creators some commercial gain by tricking people. It installs in a hidden manner using trojans for exploiting vulnerable spots of the potential host Operating System. Smart Security’s intrusion will typically bypass the user’s attention because it all takes place on the background. When inside, Smart Security makes certain system changes such as Windows Registry modification and creation of new corrupt files on the system. This kind of fraud job performed by Smart Security leads to its taking over your system. Smart Security will make your PC run its junk executables which turn out to outrank the rest of your system processes. The ‘fun part’ will begin with the multiple popup ads and security scanners displayed by Smart Security stating that you are having some serious malware issues and need to get them corrected.
Threat Description:
Whenever you happen to encounter the computer program called Antivirus 7 (alias Antivirus7), we highly recommend that you stay clear and refrain from downloading it, nor should you click any of its popup ads. Antivirus 7 is actually a scareware system buster that attacks computers stealthily and deliberately makes the infected PCs act up. This bad program displays loads of hectic popup alerts and runs scanners that are supposed to impersonate some sort of a computer check for viruses and other potentially unwanted applications. All these warning messages appear out of the blue and notify you about some risks which have been detected on your machine. It’s important to realize though that Antivirus 7 makes up all of its malware detection reports for one basic purpose – to spoof you out of your money. Indeed, Antivirus 7 first claims to have found something suspicious on your computer and then tells you that you need to register its full version to tackle all these issues which are in fact non-existent and must not be taken for granted.
Threat Description:
Trojan.Makplu.A (alias Trojan.Makplu) is one of the numerous dreadful threats exploring the Internet to find new victims and badly damage their computers in case of successful intrusion. Trojan.Makplu.A usually comes as a hidden component of various files downloadable from different unsafe web sources. On infiltrating your Operating System, Trojan.Makplu.A uses its process ‘Spoolc.exe’ to take over your machine. Your computer will be sure to start acting up. This activity will be discernible through slower system functioning, Internet connection problems and possible browser hijack. Trojan.Makplu.A is additionally prone to triggering some ads that mislead you in various ways into clicking them and consequently let another malware inside unknowingly. Also, chances are this parasites opens a backdoor for computer crooks to get unimpeded access to your system. So it doesn’t only jeopardize your computer’s functioning, it also poses a potential threat to your own privacy.
Threat Description:
Vista Internet Security 2010 is a piece of malware code that has been spreading through the web notably fast during this month. The application being looked into is in fact rogue anti-spyware, which means it’s apparently not (and the opposite to) what it claims to be. It refers to the same family as Vista Antivirus Pro 2010. A relevant factor of Vista Internet Security 2010 dangerousness consists in its backdoor infiltration methods. It literally sneaks into the depth of one’s system without letting the user know. This particular intrusion way does not do without the use of trojans whose part of the ‘mission’ is to spot and exploit vulnerabilities of the to-be host. Now, let us list the most common symptoms of Vista Internet Security 2010 residing inside one’s OS. These are: Registry and files modifications, system productivity deterioration and of course the fake scanners and phony popup alerts, being the integral attribute of any scareware campaign.
Threat Description:
Win 7 Internet Security 2010 is a sample of rogue anti-spyware at its worst. This unsafe program infects Windows 7 based Operating Systems that turn out to be incapable of resisting the attack of a trojan downloader carrying the dangerous load of the scam software in question. Win 7 Internet Security 2010 adds some registry keys that subsequently compel the compromised system to execute the associated corrupt process known as ‘Av.exe’. Once this is done, every boot of your system will be followed by an automatically launched alleged security scanner that pops up regardless of whether the user likes it or not. This scan will mimic a virus check on your PC. It will report tons of infections when through with the scan procedure. Then, Win 7 Internet Security 2010 recommends its victims to purchase its full version after clicking on the ‘Registration’ button. In that case, people get rerouted to Win 7 Internet Security 2010 official site that appears to be tied up to the billing (payment) system serving this scareware campaign.
Threat Description:
Pc-windows-live.com is a browser hijacker that functions for distributing the payload of XP Antivirus Pro 2010 rogue security program. It’s pretty interesting that Pc-windows-live.com, if accessed from a random computer, will return a web page dedicated to the software called Windows Defender 2010 which is in fact the general name for a whole family of scareware tools and does not really exist. Below is a screenshot of Pc-windows-live.com site that we made on our lab computer after we had it infected with XP Antivirus Pro 2010 malware. As you can see, it has identical design but promotes a different program than if you visit it directly. Such trick is a result of the malware’s intervention into your HOSTS file and some other system settings including the browser configuration, in the first place. So the only case when you hit Pc-windows-live.com is after a browser redirect implemented by rogue anti-spyware which evidently resides on your workstation, perhaps without you even being aware of it.