We’re compiling a list of the latest batch of very bad bugs. We will be adding to this list regularly. Viruses, Trojans, Rogue Malware, Worms, or whatever the current definition ends up being, we are tracking them and removing dozens of these infestations every week since June 2008. FakeAlert is the most common classification for these products (essentially HostageWare).
Most of these are the same infection slightly repackaged under a new name. The authors of these infectious pests are all using the same toolkit, which explains the similarity. Be observant. Look for grammar, sentence structure and spelling errors in the messages produced by any program. These are signs of Rogue Malware. Whatever you do, DON’T pay them what they ask for “fixing” the infections they “found” on your computer. THEN they will have your Credit Card Information!
If you see any sign of these on your computer, don’t waste your time trying to fix it. You will not be successful, you’ll waste hours of your time and will still need a professional to resolve the problem. Bring it to a VERY qualified shop (NO GEEKS) to have it scrubbed or backed up and reinstalled.
At the time of this update (September 26, 2009), Facebook is still the most likely place you will stumble over these infections. Read our blog entry on Facebook for more information.
- XPAntiVirus2009
- XPAntiVirus2008
- XPAntiVirus2007
- AntiSpyware2007
- PowerAntiVirus2009
- AntiVirusXPPro
- VistaAntiVirus
- XPAntiSpy
- MS Antivirus
- AntiSpywarePro XP
- Easy Secure Cleaner
- VirusRemover 2008
- AntiMalwareGaurd
- Ultimate Cleaner
- Contravirus
- System Antivirus 2008
- Registry Defender Platinum
- XL Guarder
- Total Secure 2009
- DrAntiSpy
- Defender 2009
- Pro AntiSpyware 2009
- VirusRemover2008
- VirusProtect 3.9
- Antivirus Master
- AntiverminsPro
- WinSpywareProtect
- Spyware Terminator
- Perfect Defender
- Free Registry Fix 3+
- Anti-Virus-Pro
- Virus Remover 2008
- Registry Doctor 2008
- AntiSpyware Master
- Rapid AntiVirus
- Antivirus 2010
- AWOLA Anti-Spyware
- Spy Protector
- PC Protection Center 2008
- Antivirus 360
- Advanced XP Fixer
- Microsoft Security Adviser
- AntiMalwareGuard
- Advanced XP Defender
- XPPoliceAntivirus
- Internet AntiVirus Pro
- PC MightyMax 2009
- SpywareProtect2009
- Personal Antivirus
- AntiVirus System Pro
- Sysguard
- WinSpywareProtect
- Virus Shield 2009
- Malware Catcher 2009
- PcDefender
- Perfect Defender 2009
- Malware Doctor
- AntiVirus System Pro
- Home AntiVirus 2010
- Search Guard Plus (My Tattoons)
- PC Security Shield
- AntiVirusOne
- ErrorRepair Tool
- RegistryMighty
- Windows Police Pro
- Total Security
- AdvancedVirusRemover
- Error Cleaner
(you may find duplicates… it’s a long and growing list)
We are routinely asked “Where did I get this?” The answer is complicated. The distribution of these very nasty infections has evolved from fake SPAM email campaigns, to social networking infected banner ads, to sponsored search results. So, basically, whatever you do, the odds for being infected by the newest batch of infectious pests is extremely high. This is the worst level of infection (based on distribution and level of difficulty to remove) in the history of our business (15 years).
Non-Current, but still occasionally encountered:
- ErrorSmart
- ErrorGuard
- WinAntiVirusPro2006
- WinFixer
- Spyware Sheriff (usually bundled with Smitfraud variants and Vundo)
If you see the phrase VIRUS ALERT! where your clock should be, you’re in big trouble. It’s not to say this infection can’t be removed, just that to do a proper job of cleaning this pest off your computer can be very time-consuming as it disables any number of critical processes, making troubleshooting and repair difficult and expensive.
This pest (and one or two others) disable any combination of the following:
- CTRL+ALT+DEL (Task Manager)
- Regedit
- msconfig
- Run
- Programs access
- Hard Drive Access
- Control Panel
- User Policy Lockdown
