Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

spyware removal

WindowsRecovery Removal and Analysis

by Shanmuga
Thumbnail image for WindowsRecovery Removal and Analysis

Windows Recovery is a scareware which masquerades as a system performance optimization tool. Belonging to the FakeSysdef trojan family, it comes in many names including HDD Defragmenter, Check Disk, Windows Repair, Windows Restore, Windows SafeMode, Windows Fix Disk and Windows Recovery. It uses a variety of fake warning alerts about non-existent errors in computer hard

Read the full article →

Antivirus Protection Removal and Analysis

by Shanmuga
Thumbnail image for Antivirus Protection Removal and Analysis

Similar in design and behavior to Antivirus soft and Antivirus Live rogues, this scareware aggressively displays a number of fake security alerts about network infiltration attempts and non-existent malware. Hijacks Internet Explorer by modifying the proxy settings and automatically opens porn websites every now and then. IE is allowed to visit only the sites related

Read the full article →

BitDefender 2011 Removal and Analysis

by Shanmuga
Thumbnail image for BitDefender 2011 Removal and Analysis

This scareware uses the name of a legitimate security application to ply its trade upon unwary users. BitDefender 2011 scareware copies the logo and design elements of the well known bitdefender range of security products. Once installed, this rogue software blocks execution of legitimate programs with fake security alerts. These fake warning messages are very

Read the full article →

Antivirus AntiSpyware 2011 Removal and Analysis

by Shanmuga
Thumbnail image for Antivirus AntiSpyware 2011 Removal and Analysis

Antivirus AntiSpyware 2011 is rogue security application, similar to Internet Security 2010, Security essentials 2010, Security essentials 2011 etc., Once installed, this scareware produces frequent fake security warnings about non-existent malware and network intrusions. This rogue software pops up a security alert and blocks execution of legitimate programs. The fake security alerts come in a

Read the full article →

Antivirus Clean 2011 Removal and Analysis

by Shanmuga
Thumbnail image for Antivirus Clean 2011 Removal and Analysis

Antivirus Clean 2011 is a fraudulent security software that displays fake Windows warning messages about non-existent malware infections to scare the victim to purchase a license. This scareware actually phishes for the credit card data instead of just scamming the user for a subscription. The secure payment page to which the user is taken on

Read the full article →

Malware runs even in safe mode – Cleaning Malware

by Shanmuga
Thumbnail image for Malware runs even in safe mode – Cleaning Malware

Yes! malware can even run in safe mode and safe mode with networking. A common devious method is to inject a malware process into legitimate Windows processes like userinit.exe, explorer.exe etc., These processes are loaded as part of the core drivers and services that Windows loads during a safe mode boot.

Read the full article →

MS Removal Tool Removal and Analysis

by Shanmuga
Thumbnail image for MS Removal Tool Removal and Analysis

MS Removal Tool is similar in design and behavior to the System Tool rogue. It uses yellow system alert messages to get itself installed. MS Removal Tool blocks execution of most programs and Windows administrative tasks like Task Manager, Command prompt, Registry editor etc., presumably to protect itself and at the same time to scare

Read the full article →

Find and Remove SpyEye Banking Trojan

by Shanmuga
Thumbnail image for Find and Remove SpyEye Banking Trojan

SpyEye banking trojan first made its appearance about a year back as a competitor to what is till then known as the king of all bots Zeus/Zbot. Security researchers believe that both bots have now joined hands to prey upon online banking users world-wide.

Read the full article →

CleanThis Removal and Analysis

by Shanmuga
Thumbnail image for CleanThis Removal and Analysis

CleanThis scareware uses the Fake Security Essentials Alert to download itself on to the victim’s computer. Once installed, this rogue software proceeds to restart the system automatically, on restart access to the desktop is completely blocked. Taskbar is hidden, right click is disabled and the fake scan is run identifying non-existent malware. You cannot close

Read the full article →

Fake Security Essentials Alert Removal and Analysis

by Shanmuga
Thumbnail image for Fake Security Essentials Alert Removal and Analysis

Microsoft Security essentials is the name of the legitimate anti-malware product from Microsoft. The purveyors of scareware are using its name and design elements in their fake security alerts for quite some time now. The fake security essentials alert is a trojan downloader application. It is mostly used as an initial fake warning message which

Read the full article →

E-Set Antivirus 2011 Removal and Analysis

by Shanmuga
Thumbnail image for E-Set Antivirus 2011 Removal and Analysis

No. This is not a guide for removing the legitimate ESET NOD32 Antivirus software. There is a new scareware that goes by the name E-Set Antivirus 2011. Curiously while it uses the name of ESET, it uses an icon that is very similar to AVG icon. This fraud software uses the Windows UAC like darkening

Read the full article →

System Tool Removal and Analysis

by Shanmuga
Thumbnail image for System Tool Removal and Analysis

System Tool is a fake anti-malware program. Once installed on the system, it uses various scare tactics to make the user to part with his money. System Tool scareware hijacks the desktop wallpaper and displays its own with a huge warning text. It pops up frequent yellow system alerts with fake security warnings. This rogue

Read the full article →

Windows Defence Center Removal and Analysis

by Shanmuga
Thumbnail image for Windows Defence Center Removal and Analysis

Windows Defense Center uses the fake Microsoft Security Essentials alert to get itself on to victims computers. Once latched on to the system it blocks execution of most applications including system administrative tasks like command prompt, registry editor, task manager etc. It uses the names of legitimate running processes to create fake security alerts. Windows

Read the full article →

Sysinternals Antivirus Removal and Analysis

by Shanmuga
Thumbnail image for Sysinternals Antivirus Removal and Analysis

Sysinternals Antivirus is a malicious and fraudulent scareware program that uses fake Windows Security Center and fake Windows system alerts to warn the gullible users about non-existent malware infections and try to scam money out of the victims.

Read the full article →

Protection Center Removal and Analysis

by Shanmuga
Thumbnail image for Protection Center Removal and Analysis

Protection Center is a new fraudulent, malicious and fake anti-spyware program that attempts to cheat gullible users to purchase a subscription for itself. This program will simulate a scan of your system at every start-up and lists fake malware infections and produces a variety of genuine looking Windows system alerts that makes it difficult to

Read the full article →

Antispyware Soft Removal and Analysis

by Shanmuga
Thumbnail image for Antispyware Soft Removal and Analysis

Antispyware Soft is similar in interface and behavior to Antivirus Soft, Antivirus Live and Antivirus soft scareware. This malicious, rogue security software aggressively displays fraudulent system security alerts about non-existent network infiltration attempts and malware. The anti spyware soft rogue when installed: Installs the Fake Windows Security Center where all the links lead to its

Read the full article →

Data Protection Removal and Analysis

by Shanmuga
Thumbnail image for Data Protection Removal and Analysis

Data Protection is a malicious, fraudulent security software that uses a variety of fake system alerts to scare the users into buying a subscription. It initiates a fake system scan at every system start and purportedly finds many non-existent malware infections. This scareware: Installs TDSS rootkit Disables TaskManager Disables Command prompt, Registry editor Prompts to

Read the full article →

AKM Antivirus 2010 Pro Analysis and Removal

by Shanmuga
Thumbnail image for AKM Antivirus 2010 Pro Analysis and Removal

AKM Antivirus 2010 Pro is a malicious, fraudulent antivirus program that uses fake system alerts about non-existent malware infections and system infiltrations to scam the user’s into purchasing a useless license/subscription. The fake alerts are many and frequent making the computer nearly impossible to use for productive purposes.

Read the full article →

A-fast Antivirus Analysis and Removal

by Shanmuga
Thumbnail image for A-fast Antivirus Analysis and Removal

A-fast Antivirus is a fraudulent antivirus program that uses fake visual and aural system alerts to convince gullible users into buying a license for cleaning non-existent malware. The fake alerts are frequent and comes in many colors and sizes accompanied by an audio alert “Your System is infected. Activate full version to clear the system”.

Read the full article →

Cannot visit Security Websites – Cleaning Malware

by Shanmuga
Thumbnail image for Cannot visit Security Websites – Cleaning Malware

A common complaint heard from the victims of a malware attack is one of the following or its variations: Cannot visit antivirus sites – Cannot download antivirus software – Cannot update antivirus/antispyware definitions or updates. One of the symptoms of a malware infection is the inability to visit security related websites, presumably to gather information

Read the full article →

Unable to start in Windows safe mode – Cleaning Malware

by Shanmuga
Thumbnail image for Unable to start in Windows safe mode – Cleaning Malware

Safe mode is one of the trouble shooting options available with Windows. In safe mode the PC starts only with those files that are necessary to run Windows. In situations when the malware auto start with Windows and block most of the legitimate programs from running, it becomes an invaluable tool in fighting malware. Most

Read the full article →

CleanUp Antivirus Analysis and Removal

by Shanmuga
Thumbnail image for CleanUp Antivirus Analysis and Removal

CleanUp Antivirus is a fake security software that uses fraudulent scans to find non-existent malware infections. It pretends to be an all-in-one security and Windows optimization suite. The interface is very similar to legitimate Windows Security Center and uses many Windows design elements in its interface.

Read the full article →

Digital Protection Analysis and Removal

by Shanmuga
Thumbnail image for Digital Protection Analysis and Removal

Digital Protection is one of the recent entrants to the never-ending line of rogue security software. Once installed this scareware produces a variety of system alerts that are designed to scare the gullible users to buy its subscription. It initiates a fake system scan at every system start and purportedly finds many non-existent malware infections.

Read the full article →