Subscribe to Malware Help RSS Feed RSS Feed - Subscribe to Malware Help. Org on Twitter Follow on Twitter - Malware Help YouTube Channel YouTube Channel - Subscribe to Malware Help by Email Subscribe by Email

spyware removal

Fake Security Essentials Alert Removal and Analysis

by Shanmuga
Thumbnail image for Fake Security Essentials Alert Removal and Analysis

Microsoft Security essentials is the name of the legitimate anti-malware product from Microsoft. The purveyors of scareware are using its name and design elements in their fake security alerts for quite some time now. The fake security essentials alert is a trojan downloader application. It is mostly used as an initial fake warning message which

Read the full article →

Advanced Defender Analysis and Removal

by Shanmuga

Advanced Defender is a fake security program that changes and disables the desktop background and then uses a flurry of false system messages in order to scare the user to purchase the program. This scareware disables the Windows task manager and stops Windows Security Center (wscsvc) to protect itself and blocks the execution of many

Read the full article →

Internet Security 2010 Analysis and Removal

by Shanmuga

Once installed in the system, Internet Security 2010 produces a variety of fraudulent messages about non-existent malware. The scare messages are designed to scam the user to purchase a subscription. These scare messages are very frequent and insistent making the computer unusable. It blocked the execution of internet browsers internet explorer, firefox and google chrome

Read the full article →

Malware Defense Analysis and Removal

by Shanmuga

Malware Defense extensively uses the Windows logo, icons and other design elements in its interface. This rogue software installs the notorious ‘fake windows security center‘ (wscsvc32.exe). The Virus Protection part of the fake windows security center urges the victim to activate Malware Defense license. ‘Fake security center alerts‘ about Windows Firewall detecting unauthorized activity are

Read the full article →

PC Live Guard Analysis and Removal

by Shanmuga

Similar in interface and actions to Windows Protection Suite and Additional Guard scareware, the PC Live Guard rogue security software pretends to be an all-in-one security and optimization suite. This scareware uses fraudulent scans and reports finding non-existent malware infections. The pop-ups, system alert messages including Windows UAC like darkening of the screen are very

Read the full article →

AntiMalware Analysis and Removal

by Shanmuga

AntiMalware is a rogue antimalware software with a professional looking interface. It uses a variety of scare messages including Windows UAC like darkening of the screen to persuade the unfortunate user to purchase a subscription. This scareware uses fraudulent Windows safety center ‘shield’ icon in its interface and as its task bar icon.

Read the full article →

Privacy Center Analysis and Removal

by Shanmuga

Privacy Center is the name of a rogue security software that advertises itself as a “Simple one-click solution to protect your PC“. It’s a fraud program that finds non-existent files as security and privacy threats to the user’s computer.

Read the full article →

Safety Anti-Spyware Analysis and Removal

by Shanmuga

Once installed this rogue anti-spyware software starts with Windows, runs constantly in the background and uses scare messages about non-existent malicious files to convince the user to pay for activation.

Read the full article →

Additional Guard Analysis and Removal

by Shanmuga

Additional Guard scareware -a variant of Windows Protection Suite- pretends to be an all-in-one security suite. This rogue security software uses Javascript and animated gif images to simulate a fake scan and fake security alert to trick the user into installation.

Read the full article →

Internet Antivirus Pro Analysis and Removal

by Shanmuga

Belonging to the family of Personal Antivirus, General Antivirus etc., this scareware first appeared on the scene in the later half of the year 2008 and is still going strong. It is identified by various antivirus engines as Adware.InternetAntivirusPro, RogueAntiSpyware.InternetAntivirus, Win32.InternetAntivirusPro.m, Win32.Banker and Win-Trojan/Fakealert. As a typical scareware it displays misleading alerts about non-existent infections

Read the full article →

Spyware Guard 2008 Analysis and Removal

by Shanmuga

Spyware Guard 2008 is a new entrant to the family of rogue security software. It is not to be confused with SpywareGuard a fine freeware from Javacool software. A rogue security software belongs to a family of software products that call themselves as antivirus, antispyware or registry cleaners and often use deceptive or high pressure

Read the full article →

XP/Vista Antivirus 2008 Analysis and Removal

by Shanmuga

This rogue anti-malware application mostly installs via encoded re-directs from hacked web pages. When you happen to visit a hacked web page on a otherwise legitimate website your browser is automatically redirected to a rogue ware hosting website which shows a popup with a the text “Your computer is running slower than normal, maybe it

Read the full article →

Antivirus 2009: Analysis and Removal

by Shanmuga

This post analyzes the installation method of a rogue antivirus application Antivirus 2009 and its effective removal as observed by me. Antivirus 2009 is a fake antivirus application, designed to scare the users with fake alert screens about non-existent and often misleadingly named threats found on your system. When the user tries to clean the

Read the full article →

Malware: Antivir64 Manual Removal

by Shanmuga

Further to my earlier blog about Antivir64 Rogue Antispyware software, there were many enquiries about how I managed to get rid of it off my system. Let’s start with the files and registry keys created by this malware. The following were found in my fully patched Windows Vista system:

Read the full article →

Malware Alert: Antivir64 Rogue Antispyware

by Shanmuga

Antivir64, a new rogue antispyware is on the prowl, it seems to be installing from scanner.antivir64.com with an affiliate id 1050 (scanner.antivir64.com/?aff=xxxx). The victims are redirected -probably through .htaccess file hack- from certain pages of legitimate but hacked websites. A quick google search shows first reports of blog sites getting hacked to redirect visitors to

Read the full article →

How to remove Internet Antivirus (Internet Antivirus removal self help guide)

by Shanmuga

"Internet Antivirus is a new rogue anti-virus program that uses false information and aggressive tactics in order to scare people into purchasing it. Most people see ads for Internet Antivirus as they browse the web…If you decide to download and install the program, Internet Antivirus will be set to automatically run when your computer starts.

Read the full article →