The Emsisoft malware research team has discoverd a new outbreak of the FakeSecurityEssentials adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.FakeSecurityEssentials.

FakeSecurityEssentials is a rogue security program, that try to deceives the user with a GUI similar to Microsoft Security Essentials.  A rogue security program tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase.

How to remove the infection of FakeSecurityEssentials (Adware.Win32.FakeSecurityEssentials)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

The Emsisoft malware research team has discoverd a new outbreak of the RTS Antivirus 2010 adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.RTSAntivirus2010.

RTS Antivirus 2010 is a rogue security program, come from hxxp://www.rtsantivirus2010. com.  This is another variant from AKM Antivirus 2010 Pro. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase.

Create new files:

• %ProgramFiles%\RST Antivirus 2010\WININET.dll
• %ProgramFiles%\RST Antivirus 2010\comdlg32.dll
• %ProgramFiles%\RST Antivirus 2010\dwmapi.dll
• %ProgramFiles%\RST Antivirus 2010\libclamav.dll
• %ProgramFiles%\RST Antivirus 2010\oledlg.dll
• %ProgramFiles%\RST Antivirus 2010\pthreadVC2.dll
• %ProgramFiles%\RST Antivirus 2010\RST Antivirus 2010.exe
• %ProgramFiles%\RST Antivirus 2010\uninstall.bat
• %UserProfile%\Application Data\RST Antivirus 2010\WinDefPro.dat
• %UserProfile%\Application Data\RST Antivirus 2010\db\daily.cvd
• %UserProfile%\Desktop\RST Antivirus 2010.lnk
• %UserProfile%\Start Menu\Programs\RST Antivirus 2010\Uninstall RST Antivirus 2010.lnk
• %UserProfile%\Start Menu\Programs\RST Antivirus 2010\RST Antivirus 2010.lnk

Screenshots:

How to remove the infection of RTS Antivirus 2010 (Adware.Win32.RTSAntivirus2010)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

The Emsisoft malware research team has discoverd a new outbreak of the AKM Antivirus 2010 Pro adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.AKMAntivirus2010Pro.

AKM Antivirus 2010 Pro is a rogue security program.  A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase.

Create new files:

• %ProgramFiles%\skynet.dat
• %ProgramFiles%\svchost.exe
• %ProgramFiles%\wp3.dat
• %ProgramFiles%\wp4.dat
• %ProgramFiles%\adc32.dll
• %ProgramFiles%\alggui.exe
• %ProgramFiles%\nuar.old
• %ProgramFiles%\AKM Antivirus 2010 Pro\AKM Antivirus 2010 Pro.exe
• %UserProfile%\Desktop\AKM Antivirus 2010 Pro.lnk
• %UserProfile%\Start Menu\Programs\AKM Antivirus 2010 Pro\AKM Antivirus 2010 Pro.lnk

Create new registry entries:

• HKEY_LOCAL_MACHINE\software\Classes\CLSID\{77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02}
• HKEY_LOCAL_MACHINE\software\Classes\CLSID\{77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02}\InprocServer32
• HKEY_LOCAL_MACHINE\software\microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{77DC0Baa-3235-4ba9-8BE8-aa9EB678FA02}
• HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\AdbUpd
• HKEY_CURRENT_USER\software\AKM Antivirus 2010 Pro
• HKEY_CURRENT_USER\software\AKM Antivirus 2010 Pro\PC_protect
• HKEY_CURRENT_USER\software\AKM Antivirus 2010 Pro\PC_protect\Registration
• HKEY_CURRENT_USER\software\AKM Antivirus 2010 Pro\PC_protect\setdata

Screenshots:

How to remove the infection of AKM Antivirus 2010 Pro (Adware.Win32.AKMAntivirus2010Pro)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

The Emsisoft malware research team has discoverd a new outbreak of the PCommander adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.PCommander.

PCommander is a rogue security program, this is a new variant from Control Components / Control Center.  A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase.

Create new files:

• %UserProfile%\Application Data\PCommander\settings.ini
• %UserProfile%\Application Data\PCommander\uninstall.exe
• %UserProfile%\Application Data\PCommander\ccagent.exe
• %UserProfile%\Application Data\PCommander\ccmain.exe
• %UserProfile%\Application Data\PCommander\faq\guide.html
• %UserProfile%\Application Data\PCommander\faq\images\06.png
• %UserProfile%\Application Data\PCommander\faq\images\07.png
• %UserProfile%\Application Data\PCommander\faq\images\08.png
• %UserProfile%\Application Data\PCommander\faq\images\09.png
• %UserProfile%\Application Data\PCommander\faq\images\10.png
• %UserProfile%\Application Data\PCommander\faq\images\05.png
• %UserProfile%\Desktop\PCommander.lnk

Create new registry entries:

• HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\PCommander
• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run “ccagent.exe”

Screenshots:

How to remove the infection of PCommander (Adware.Win32.PCommander)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

The Emsisoft malware research team has discoverd a new outbreak of the A-fast Antivirus adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.AFastAntivirus.

A-fast Antivirus is a rogue security program come from hxxp://www.a-fast .com.  A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer is infected with viruses or trojan, but you will not be able to delete them before you purchase.

Create new files:

• %ProgramFiles%\A-fast\A-fast.exe
• %UserProfile%\Desktop\A-fast Antivirus.lnk

Create new registry entries:

• HKEY_CURRENT_USER\software\A-fast
• HKEY_CURRENT_USER\software\A-fast\Activation
• HKEY_CURRENT_USER\software\A-fast\Security
• HKEY_CURRENT_USER\software\Microsoft\Windows\CurrentVersion\Run, “fast”

Screenshots:

How to remove the infection of A-fast Antivirus (Adware.Win32.AFastAntivirus)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.