Saturday, October 31, 2009

Scareware - list of new names

We recently discovered a new resource for keeping up with the new names that scareware is using. By scareware we mean the wonderful Antivirus 2009/2010 line of malware/spyware/viruses.

1. BlockWatcher is a rogue anti-spyware program that is promoted through the use of Trojans. These Trojans appear to be Flash updates or video codecs that are required to watch an online video. Once the Trojan is installed, it will download and install BlockWatcher onto your computer. The installer will also create numerous files that will then be detected as malware when BlockWatcher scans your computer. When you try to remove the "infections" it finds in the scan results, BlockWatcher will state that you need to first purchase it before it will remove anything. This is a scam, because the "infections" that are found are harmless and cannot harm your computer.



2. Windows Enterprise Suite is a rogue that is advertised through the use of fake online anti-malware scanners. When visiting various sites you will be presented with a pop-up that states your computer is infected. If you click on the pop-up, you will be brought to a page that shows an advertisement pretending to be an online anti-malware scanner. When the advertisement is finished, it will state your computer is infected and that you should download and install Windows Enterprise Suite. When Windows Enterprise Suite is installed, it will be configured to start automatically when you log in to Windows. The installer will also create numerous files on your computer that will then be detected as malware when Windows Enterprise Suite scans your computer.



3. Desktop Defender 2010 is a rogue security program from the Contraviro family. When installed, this program will be configured to start automatically when Windows starts and will then create fake malware files that will be detected during the program's scans. Desktop Defender 2010 will not, though, remove any files that it states are malware until you first purchase the program. DO NOT attempt to purchase or use this scareware to remove any of the "infections" because you will be sending your credit card information to cyber criminals and the files in question may be legitimate Windows files.




4. Volcano Security Suite is a rogue anti-spyware program from the Smart Virus Eliminator family. It is advertised through the use of fake online scanner pages that show an advertisement pretending to be an anti-malware scanner. When the advertisement finishes, it will state that your computer is infected and that you should download Volcano Security Suite to protect your computer. Once downloaded and installed, Volcano Security Suite will be configured to automatically scan your computer when Windows starts and will also create numerous harmless files throughout your computer.




5. Windows System Defender is a rogue anti-spyware program that uses fake malware files and false scan detections to trick you into thinking that your computer is infected. After being installed, Windows System Defender will be configured to start automatically when Windows boots. The installer will also create numerous files on your computer that will then be detected as malware when the program scans your computer. If you try to remove these supposed infections with Windows System Defender it will state that you first need to purchase the program before it will do so. DO NOT attempt to purchase this as you will be sending your credit card information to cyber criminals.




6. Conflicker.B Spam Trojan - Cyber criminals are becoming more inventive with their viruses, and this is a prime example. A new spam email is being distributed with an attachment that, when run, lowers the security of Internet Explorer and installs the rogue anti-spyware program called Antivirus Pro 2010 onto your computer. The spam pretends to be an email from Microsoft stating that a new version of Conficker has been released and that the included attachment, called install.zip, is a tool that can be used to scan and clean your computer of this infection. In reality this attachment is a Trojan that will harm the security of your computer. The current text of the spam message is:

Subject: Conflicker.B Infection Alert
Message:

Dear Microsoft Customer,

Starting 18/10/2009 the ‘Conficker’ worm began infecting Microsoft customers unusually rapidly. Microsoft has been advised by your Internet provider that your network is infected.

To counteract further spread we advise removing the infection using an antispyware program. We are supplying all effected Windows Users with a free system scan in order to clean any files infected by the virus.

Please install attached file to start the scan. The process takes under a minute and will prevent your files from being compromised. We appreciate your prompt cooperation.

Regards,
Microsoft Windows Agent #2 (Hollis)
Microsoft Windows Computer Safety Division


If you download the attachment and open the ZIP file, you will see a file called install.exe. When the install.exe file is run it will change your Internet Explorer security settings so that Internet Explorer will run files that are normally considered risky. It will also display a fake security warning in your taskbar that states Windows has detected an infection. The text of this warning is:

Your computer is infected!
Windows has detected spyware infection!
It is recomended to use special antispyware tools to pervent data loss.Windows will now download and install the most up-to-date antispyware for you.
Click here to protect your computer from spyware!

Finally, the Trojan will download and install the rogue anti-spyware program called Antivirus Pro 2010 onto your computer, which will then state that you have numerous infections running on your computer. Please ignore any warnings that Antivirus Pro 2010 displays on your computer as they are all false and are only being shown to convince you to purchase the program.



****thanks BleepingComputer.com!****
