Norton Latest Release Causes Problems for Users

We have been receiving a higher number of “issues” in our support queue with users running Norton – it appears Norton has pulled the latest release that was issued last Wednesday and is requesting users run a fix tool and/or downgrade their product.

PC World Article
http://www.pcworld.com/businesscenter/article/170810/symantec_offers_fix_for_buggy_norton_patch.html

Here’s a Norton tool to fix the problem:
http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20090821103237EN

Fake Videos : Michael Bisping Post Fight Interview

I had a friend call me last night to tell me that his computer was infected after he did “nothing” – typical 🙂 After a little investigation I found out that he was searching for a post fight interview from UFC 100 for a fighter named “Michael Bisping” who was knocked out by Dan “Hendo” Henderson. He found a nice link on Google that led to the following series of events (don’t try this at home!):

Video site indicating they have the video….

Now just click to watch the video…..

SUPERAntiSpyware Scan after attempting to watch video….

As you can see these links are floating around Google, Yahoo and MSN. Remember, think before you click!

If you have come across these types of situations, it’s a good idea to scan with SUPERAntiSpyware to make sure your system is clean!

New Rogue : PC Security 2009

PC Security 2009 is a new/updated rogue. We have updated our definitions to detect and remove all traces of this rogue.

PC Security 2009 Application
Rogue - PC Security Main Screen

Rogue - PC Security Main Screen

Files/Folders Created
%CSIDL_PROGRAMS%PC_SECURITY2009
%CSIDL_PROGRAMS%PC_SECURITY2009PC_SECURITY2009.LNK
%CSIDL_PROGRAMS%PC_SECURITY2009UNINSTALL.LNK
%PROGRAMFILES%PC_SECURITY2009
%PROGRAMFILES%PC_SECURITY2009AVENGN.DLL
%PROGRAMFILES%PC_SECURITY2009HTMLAYOUT.DLL
%PROGRAMFILES%PC_SECURITY2009PC_SECURITY2009.CFG
%PROGRAMFILES%PC_SECURITY2009PC_SECURITY2009.EXE
%PROGRAMFILES%PC_SECURITY2009PTHREADVC2.DLL
%PROGRAMFILES%PC_SECURITY2009UNINSTALL.EXE
%PROGRAMFILES%PC_SECURITY2009WSCUI.CPL
%PROGRAMFILES%PC_SECURITY2009DATA
%PROGRAMFILES%PC_SECURITY2009DATADAILY.CVD
%PROGRAMFILES%PC_SECURITY2009MICROSOFT.VC80.CRT
%PROGRAMFILES%PC_SECURITY2009MICROSOFT.VC80.CRTMICROSOFT.VC80.CRT.MANIFEST
%PROGRAMFILES%PC_SECURITY2009MICROSOFT.VC80.CRTMSVCM80.DLL
%PROGRAMFILES%PC_SECURITY2009MICROSOFT.VC80.CRTMSVCP80.DLL
%PROGRAMFILES%PC_SECURITY2009MICROSOFT.VC80.CRTMSVCR80.DLL

Registry Items Created/Added
HKLMSOFTWAREPC_Security2009
HKLMSOFTWAREMicrosoftWindowsCurrentVersionRun#PC Security 2009 = “C:Program FilesPC_Security2009PC_Security2009.exe” /hide
HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallPC_Security2009
HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallPC_Security2009#DisplayName = PC Security 2009
HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallPC_Security2009#UninstallString = C:Program FilesPC_Security2009Uninstall.exe

Click here to download SUPERAntiSpyware to Remove PC Security 2009

New Rogue : System Tuner

System Tuner is a new/updated rogue claiming to “tune” your system. We have updated our definitions to detect and remove all traces of this rogue.

System Tuner Application
Rogue - System Tuner Main Screen

Files/Folders Created
%CSIDL_PROGRAMS%SYSTEMTUNER
%PROGRAMFILES%SYSTEMTUNER

Registry Items Created/Added
HKLMSOFTWARESystemTuner
HKLMSOFTWAREMicrosoftWindowsCurrentVersionUninstallSystemTuner

Click here to download SUPERAntiSpyware to Remove System Tuner

New Rogue : WiniFighter

WiniFighter is a new/updated rogue from the WinBlueSoft series. We have updated our definitions to detect and remove all traces of this rogue.

WiniFighter Application
Rogue - WiniFighter Main Screen

Files/Folders Created
%CSIDL_COMMON_PROGRAMS%WINIFIGHTER
%CSIDL_COMMON_PROGRAMS%WINIFIGHTER1 WINIFIGHTER.LNK
%CSIDL_COMMON_PROGRAMS%WINIFIGHTER2 HOMEPAGE.LNK
%CSIDL_COMMON_PROGRAMS%WINIFIGHTER3 UNINSTALL.LNK
%PROGRAMFILES%WINIFIGHTER SOFTWARE
%PROGRAMFILES%WINIFIGHTER SOFTWAREWINIFIGHTER
%PROGRAMFILES%WINIFIGHTER SOFTWAREWINIFIGHTERDATA.BIN
%PROGRAMFILES%WINIFIGHTER SOFTWAREWINIFIGHTERLICENSE.TXT
%PROGRAMFILES%WINIFIGHTER SOFTWAREWINIFIGHTERUNINSTALL.EXE
%PROGRAMFILES%WINIFIGHTER SOFTWAREWINIFIGHTERWINIFIGHTER.EXE
%PROGRAMFILES%WINIFIGHTER SOFTWAREWINIFIGHTERWINIFIGHTERSVC.EXE

Registry Items Created/Added
HKCUSoftwareWiniFighter
HKCUSoftwareWiniFighter#CurrentVersion =
HKCUSoftwareWiniFighter#AgentsSettings
HKCUSoftwareMicrosoftWindowsCurrentVersionRun#WiniFighter = C:Program FilesWiniFighter SoftwareWiniFighterWiniFighter.exe -min

Click here to download SUPERAntiSpyware to Remove WiniFighter

New Rogue : Smart Defender Pro

Smart Defender Pro is a new/updated rogue. We have updated our definitions to detect and remove all traces of this rogue. Being distributed through the spam and adult/keygen sites.

Smart Defender Pro Application
Rogue - Smart Defender Pro Main Screen

Files/Folders Created
%CSIDL_COMMON_DESKTOPDIRECTORY%SMART DEFENDER PRO.LNK
%CSIDL_APPDATA%SMART DEFENDER PRO
%CSIDL_COMMON_PROGRAMS%SMART DEFENDER PRO
%CSIDL_COMMON_PROGRAMS%SMART DEFENDER PROSMART DEFENDER PRO.LNK

Registry Items Created/Added
HKCUSoftwareSmart Defender PRO
HKCUSoftwareSmart Defender PRO#Smart Defender PRO = D41D8CD98F00B204E9800998ECF8427E
HKCUSoftwareSmart Defender PRO#LastUpdate = 2009-06-30
HKCUSoftwareSmart Defender PRO#ZF = XOge3/+m0ghHNi2HpBX3b2fhucJAeDTUvPHfYWg5HOGaKMyJFJSWqeIHYlB0aXWRnnrHLw==
HKCUSoftwareSmart Defender PRO#SS = 321
HKCUSoftwareSmart Defender PROthreats

Click here to download SUPERAntiSpyware to Remove Smart Defender Pro