Antivirus Scan

December 23, 2010

What is Antivirus Scan?

Antivirus Scan is the latest release of rogue antispyware programs - which are fraudulent programs that pose as legitimate security software in order to scam you out of money.

Recommended Removal Method:

Automatic Detection and Removal Using Spyware Doctor:

If you are blocked trying to download or install Spyware Doctor please follow the additional instructions found here.

Screenshots:

Additional Information:

Methods of Infection:

Antivirus Scan is typically installed via a Trojan and usually from somewhat questionable websites (i.e. pornography or gambling), but it has also been found on hijacked fake news websites and in torrent downloads.

Previous Versions:

Antivirus Scan is the latest in a long list of rogue antispyware that come from the same family and has previously been known as Antivirus Action, Security Suite, and Antispyware Soft among others.

What it Does:

Antivirus Scan will bombard your computer with all sorts of fake alerts and spyware scans in an attempt to scam you into purchasing the full version, which is nothing more than a hoax as Antivirus Scan is not legitimate software and is actually a spyware infection.  Antivirus Scan also has the ability to take over your web browser and redirect your search results to other malware laden web pages, where you will likely be hit with more fake alerts and system messages.

Of much greater concern however, is that Antivirus Scan can also download and install other extremely malicious malware that has the abiltity to log your keystrokes, websites visited, browsing habits, etc. and can then send that information over the internet to a remote server where the hackers that created Antivirus Scan can then use that information in an attempt to gain access to your credit cards, bank accounts, and numerous other sensitive personal information – which can ultimately lead to identity theft.

Optional Antivirus Scan Removal Method – Manual Deletion (Not Recommended)

***Please note we highly recommend against attempting manual removal of Antivirus Scan unless are a trained computer professional. Antivirus Scan is a highly complex and dynamic spyware infection that can hide several random files throughout your computer’s registry and file system and makes manual removal almost impossible. In addition, deleting and modifying system files and your computer’s registry wihout proper knowledge and training can cause further issues and may even cause your computer to become inoperable. As such, proceeding with manual removal is done at your own risk and spyware-experts.com cannot be held responsible for any problems that may occur in doing so.***

If you need help performing any of these steps, please see our tutorials listed on the upper right hand side of this page.

1. Delete the Following Processes:

.exe

2. Delete Following Files and Directories

Windows XP

C:\Documents and Settings\[Profile]\Local Settings\Temp\{random numbers}\{random numbers.exe}
C:\Documents and Settings\[Profile]\Local Settings\Temp\{random numbers}

Windows 7 and Windows Vista

C:\Users\[Profile]\AppData\Local\Temp\{random numbers}
C:\Users\[Profile]\AppData\Local\Temp\{random numbers}\{random numbers.exe}

3. Delete the following Registry keys

HKEY_CURRENT_USER\Software\qnpn7rjv93lf
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “RunInvalidSignatures” = ’1′
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\PhishingFilter “Enabled” = ’0′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyOverride” = ”
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyServer” = ‘http=127.0.0.1:59274′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “ProxyEnable” = ’1′
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations “LowRiskFileTypes” = ‘.exe’
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “<random>”
HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Download “CheckExeSignatures” = ‘no’

Important:

Note that even if you have followed all the above steps and performed the tasks correctly, it is highly probable that Antivirus Scan will remain on your computer and continue to cause problems. The reason for this is that the program is dynamic and can change the filenames, locations, etc. and can even add additional infected files while it is on your computer.

This is why we highly recommend an automatic detection and removal tool such as Spyware Doctor that can find these additional hidden files and ensure that Antivirus Scan is completely removed from your computer.

Posted by admin | Filed Under Rogue Antispyware Programs | Leave a Comment 

Security Shield

December 8, 2010

What is Security Shield?

Security Shield is yet another in a long line of rogue antispyware programs - which are fraudulent programs that try to pass as legitimate utility software, when the reality is that these programs are actually spyware infetions.

Recommended Removal Method:

Automatic Detection and Removal Using Spyware Doctor:

If you are blocked trying to download or install Spyware Doctor please follow the additional instructions found here.

Screenshots:

Additional Information:

Methods of Infection:

Security Shield is typically installed via a Trojan, and it usually is found on questionable websites (i.e. pornography or gambling), but it has also been found on hijacked fake news websites and in torrent downloads.

Previous Versions:

Security Shield comes from a family of rogues that has a long list – previous versions/names for this rogue include Security Tool, System Tool, and Total Security among others.

What it Does:

Security Shield does exactly what most other rogue antispyware programs do – it bombards your computer with numerous fake system alerts and spyware scans in an attempt to scam you into purchasing the full version, which is nothing more than a hoax as Security Shield is not legitimate software and is actually a spyware infection. Security Shield can also hijack your web browser and redirect your search results to pages of its choosing, where you will likely encounter more fake alerts and system related warnings.

The larger threat that Security Shield poses however, is that it can download and install other extremely malicious malware that can log your keystrokes, websites visited, browsing habits, etc. and can send that information over the internet to a remote server where the hacker that created Security Shield can then use that information in an attempt to gain access to your credit cards, bank accounts, and numerous other sensitive personal information – which can ultimately lead to identity theft.

Optional Security Shield Removal Method – Manual Deletion (Not Recommended)

***Please note we highly recommend against attempting manual removal of Security Shield unless are a trained computer professional.  Security Shield is a highly complex and dynamic spyware infection that can hide several random files throughout your computer’s registry and file system and makes manual removal almost impossible. In addition, deleting and modifying system files and your computer’s registry wihout proper knowledge and training can cause further issues and may even cause your computer to become inoperable. As such, proceeding with manual removal is done at your own risk and spyware-experts.com cannot be held responsible for any problems that may occur in doing so.***

If you need help performing any of these steps, please see our tutorials listed on the upper right hand side of this page.

1. Delete the Following Processes:

.exe

2. Delete Following Files and Directories

Windows XP

%UserProfile%\Applicaton Data\{random numbers}\{random numbers.exe}

Windows 7 and Windows Vista

%UserProfile%\AppData\Local\{random numbers}\{random numbers.exe}

3. Delete the following Registry keys

HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce “{random numbers}”

Important:

Note that even if you have followed all the above steps and performed the tasks correctly, it is highly probable that Security Shield will remain on your computer and continue to cause problems. The reason for this is that the program is dynamic and can change the filenames, locations, etc. and can even add additional infected files while it is on your computer.

This is why we highly recommend an automatic detection and removal tool such as Spyware Doctor that can find these additional hidden files and ensure that Security Shield is completely removed from your computer.

Posted by admin | Filed Under Rogue Antispyware Programs, Top Rogue Threats | 1 Comment 

What is Spyware?

According to Wikipedia, Spyware is defined as computer software that is installed on a user's computer without their knowledge or consent, that is designed to intercept or take partial control over the user's interaction wih the computer. But that definition is actually incomplete.

Read More About Spyware Here...

Spyware Prevention

Spyware has become more and more dangerous each day. In the past, it was merely considered an annoyance and caused performance issues on your computer but today that reality is entirely different.

Read More on Spyware Prevention Here...

Latest Spyware Threats