SUPERAntiSpyware Malware Research and Removal Blog

SUPERAntiSpyware Portable Scanner

admin — Fri, 22 Jan 2010 17:29:55 +0000

We have had a many requests for a “portable” scanner that can be run from a USB drive, contains the latest definitions and does not need and Internet connection to run, so we have created SUPERAntiSpyware Portable.

SUPERAntiSpyware Portable Scanner
http://www.superantispyware.com/portable

It’s free for personal use, and we have technician licenses available.

EMAIL SCAM ALERT : State Vaccination H1N1 Program

admin — Tue, 01 Dec 2009 15:33:57 +0000

Beware of the latest round of e-mail scam/infection vectors.

New Rogue : TrustFighter / Trust Fighter

admin — Tue, 13 Oct 2009 16:49:31 +0000

TrustFighter is a new/updated rogue. We have updated our definitions to detect and remove all traces of this rogue.

TrustFighter Application

TrustFighter Folders/Files
%CSIDL_COMMON_PROGRAMS%\TRUSTFIGHTER
%PROGRAMFILES%\TRUSTFIGHTER SOFTWARE

Click here to download SUPERAntiSpyware to Remove TrustFighter

New Rogue : AntiVirus

admin — Fri, 09 Oct 2009 15:51:02 +0000

AntiVirus is a new/updated rogue. We have updated our definitions to detect and remove all traces of this rogue.

AntiVirus Application

Click here to download SUPERAntiSpyware to Remove AntiVirus

New Rogue : AntiVirusPro 2010

admin — Tue, 08 Sep 2009 19:03:13 +0000

AntiVirusPro 2010 is a new/updated rogue. We have updated our definitions to detect and remove all traces of this rogue.

AntiVirusPro 2010 Application

Click here to download SUPERAntiSpyware to Remove AntiVirusPro 2010

Norton Latest Release Causes Problems for Users

admin — Wed, 26 Aug 2009 18:51:59 +0000

We have been receiving a higher number of “issues” in our support queue with users running Norton - it appears Norton has pulled the latest release that was issued last Wednesday and is requesting users run a fix tool and/or downgrade their product.

PC World Article
http://www.pcworld.com/businesscenter/article/170810/symantec_offers_fix_for_buggy_norton_patch.html

Here’s a Norton tool to fix the problem:
http://www.symantec.com/norton/support/kb/web_view.jsp?wv_type=public_web&docurl=20090821103237EN

New Rogue : PCAntiSpyware 2010

admin — Mon, 03 Aug 2009 20:56:56 +0000

PCAntiSpyware 2010 is a new/updated rogue. We have updated our definitions to detect and remove all traces of this rogue.

PCAntiSpyware 2010 Application

Click here to download SUPERAntiSpyware to Remove PCAntiSpyware 2010

New Rogue : Smart Protector

admin — Fri, 31 Jul 2009 00:18:09 +0000

Smart Protector is a new/updated rogue. We have updated our definitions to detect and remove all traces of this rogue.

Smart Protector Application

Click here to download SUPERAntiSpyware to Remove Smart Protector

Fake Videos : Michael Bisping Post Fight Interview

admin — Tue, 14 Jul 2009 22:04:29 +0000

I had a friend call me last night to tell me that his computer was infected after he did “nothing” - typical After a little investigation I found out that he was searching for a post fight interview from UFC 100 for a fighter named “Michael Bisping” who was knocked out by Dan “Hendo” Henderson. He found a nice link on Google that led to the following series of events (don’t try this at home!):

Video site indicating they have the video….

Now just click to watch the video…..

SUPERAntiSpyware Scan after attempting to watch video….

As you can see these links are floating around Google, Yahoo and MSN. Remember, think before you click!

If you have come across these types of situations, it’s a good idea to scan with SUPERAntiSpyware to make sure your system is clean!

New Rogue : PC Security 2009

admin — Mon, 13 Jul 2009 19:16:54 +0000

PC Security 2009 is a new/updated rogue. We have updated our definitions to detect and remove all traces of this rogue.

PC Security 2009 Application

Files/Folders Created
%CSIDL_PROGRAMS%\PC_SECURITY2009
%CSIDL_PROGRAMS%\PC_SECURITY2009\PC_SECURITY2009.LNK
%CSIDL_PROGRAMS%\PC_SECURITY2009\UNINSTALL.LNK
%PROGRAMFILES%\PC_SECURITY2009
%PROGRAMFILES%\PC_SECURITY2009\AVENGN.DLL
%PROGRAMFILES%\PC_SECURITY2009\HTMLAYOUT.DLL
%PROGRAMFILES%\PC_SECURITY2009\PC_SECURITY2009.CFG
%PROGRAMFILES%\PC_SECURITY2009\PC_SECURITY2009.EXE
%PROGRAMFILES%\PC_SECURITY2009\PTHREADVC2.DLL
%PROGRAMFILES%\PC_SECURITY2009\UNINSTALL.EXE
%PROGRAMFILES%\PC_SECURITY2009\WSCUI.CPL
%PROGRAMFILES%\PC_SECURITY2009\DATA
%PROGRAMFILES%\PC_SECURITY2009\DATA\DAILY.CVD
%PROGRAMFILES%\PC_SECURITY2009\MICROSOFT.VC80.CRT
%PROGRAMFILES%\PC_SECURITY2009\MICROSOFT.VC80.CRT\MICROSOFT.VC80.CRT.MANIFEST
%PROGRAMFILES%\PC_SECURITY2009\MICROSOFT.VC80.CRT\MSVCM80.DLL
%PROGRAMFILES%\PC_SECURITY2009\MICROSOFT.VC80.CRT\MSVCP80.DLL
%PROGRAMFILES%\PC_SECURITY2009\MICROSOFT.VC80.CRT\MSVCR80.DLL

Registry Items Created/Added
HKLM\SOFTWARE\PC_Security2009
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run#PC Security 2009 = “C:\Program Files\PC_Security2009\PC_Security2009.exe” /hide
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC_Security2009
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC_Security2009#DisplayName = PC Security 2009
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PC_Security2009#UninstallString = C:\Program Files\PC_Security2009\Uninstall.exe

Click here to download SUPERAntiSpyware to Remove PC Security 2009