Scareware Rogues

Drop for Rogue ‘Internet Antivirus Pro’ Gotscan, user4scan

March 16, 2009

Redirect from gotscan.com to user4scan.com. <– Do not go to either. Received typical scareware warnings, rogue was not detected by my anti virus program. The installer repeatably failed, popping up the same windows and freezing the browser. Domain Name: USER4SCAN.COM IP Location: Germany – Berlin – Berlin – Netdirekt E.k Registration Service Provided By: SELLOUT.NAME [...]

Read the full article →

New Rogue XpyBurner

February 9, 2009

Scareware Spyburner becomes XpyBurner. From EULA. C. Some of our products may be unsuited to run with other software. We have the right to uninstall incompatible products. We will notify our customers before uninstalling such products. A customer cannot claim a refund if the reason is a requisition or removal of conflicting software. Coexistence of [...]

Read the full article →

New Rogue-Total Defender

January 26, 2009

An interesting thing we noticed is that the Rogue did not attempt to scare us into purchasing it, rather telling us that the computer was secure after the scan. The Rogue authors are probably doing this to keep a high amount of Rogue installations active for the purposes of data theft or for hire services. [...]

Read the full article →

2009sites3.biz-AntiVirus 2009 Rogue Infector

January 13, 2009

Continually blog spammed by 2009sites3.biz I googled for hits. Bestantivirusdefence.com ICANN Registrar: BIZCN.COM, INC. Created: 2009-01-03 Expires: 2010-01-03 Updated: 2009-01-10 Name Server: NS1.EUROPEGIGABYTE.COM Name Server: NS2.EUROPEGIGABYTE.COM Name Server: NS3.EUROPEGIGABYTE.COM IP Address: 75.126.175.232 Domain Status: Registered And No Website Clicking ‘Cancel’ or trying to close by hitting the X won’t stop it. Of course that Microsoft [...]

Read the full article →

powerfulvirusremover2008 Rogue Security Program

November 27, 2008

Also named virusremover2008. From the EULA. Lack of viruses? You mean aside from what they install or the fake scan results. As to “uninstalling products”, the mind boggles. Legitimate security programs that detect this rogue? 32 infections on a clean machine, uh huh… “Virusremover2008 may have detected programs that may compromise your privacy or damage [...]

Read the full article →

Searching for a product, buyer beware

October 23, 2008

Noted by users, ‘official-download.net’ appears to be selling a product that is presented in such a way as to mislead a person searching for the download page for a well known antispyware program. Domain Tools. Related Sites: 2008-official.net Website title: Earth 2009 Secrets That’s how the banner appeared yesterday, today it looked like this. At [...]

Read the full article →

Rogue Security Program email scam

October 23, 2008

Victims report a rogue named ‘Spybot 2009′ received in the form of email spam posing as an application upgrade. The scam is playing off the trademark name of the well known antispyware program, Spybot-S&D. Be warned you may also see websites offering the fake, rogue program Spybot 2009. Screenshots of the rogue at a blog [...]

Read the full article →

Xp Antispyware 2009 Rogue Security Program

October 10, 2008

Stay away from these. 206.161.120.20 Xp-antispyware2009. com 206.161.120.21 Xp-antispyware-2009. com ICANN Registrar: ONLINENIC, INC. 206.161.120.22 Xpantispyware-2009. com 206.161.120.23 Xpas2009. com ICANN Registrar: REGTIME LTD. 206.161.120.24 Xp-as-2009. com ICANN Registrar: BIZCN.COM, INC. XpAntispyware2009 was one of the domains suspended by DIRECTI INTERNET SOLUTIONS PVT. LTD. D/B/A PUBLICDOMAINREGISTRY.COM. http://whois.domaintools.com/xpantispyware2009.com Certifiedbug, September 14, 2008: Directi continues to suspend [...]

Read the full article →

AntiVirus 2009 Rogue Security Program ‘Scareware’ tactics

October 3, 2008

Trend Micro, October 2, 2008. Rogue AV Tactics Continue to Threaten October has just begun and Trend Micro threat researchers keep seeing more and more — slightly different, but yet increasingly more annoying — variations to the set of rogue AV infection signals we have been documenting on this blog. Fake BSOD (actually a screensaver) [...]

Read the full article →

Rogues, privacy or security risks from Innovagest2000

September 30, 2008

The Sunbelt Blog reports a new rogue program, eAntivirusPro. eAntivirusPro is a new clone of Antivirus XP 2008 rogue security product. AntiMalware 2009 is yet another clone of Antivirus XP 2008 rogue security product. ekerberos is another rogue security product from Innovagest 2000. I checked out Innovagest2000.com, don’t try this at home. On the site [...]

Read the full article →

← Previous Entries

Next Entries →