The Emsisoft malware research team has discoverd a new outbreak of the Check Disk adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.CheckDisk.

Check Disk is a rogue application, this is another variant of Ultra Defragger, Quick Defragmenter, Smart Defragmenter, HDD Defragmenter, and System Defragmenter. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer has a problem, or infected with viruses or trojan, but you will not be able to fix it before you purchase.

Create new files:

• %UserProfile%\Desktop\Check Disk.lnk
• %UserProfile%\Local Settings\Temp\%random%.exe
• %UserProfile%\Local Settings\Temp\%random_number%
• %UserProfile%\Local Settings\Temp\%random_number%.bmp
• %UserProfile%\Local Settings\Temp\%random_number%.exe
• %UserProfile%\Local Settings\Temp\%random%.dll
• %UserProfile%\Local Settings\Temp\dfrg
• %UserProfile%\Local Settings\Temp\dfrgr
• %UserProfile%\Start Menu\Programs\Check Disk\
• %UserProfile%\Start Menu\Programs\Check Disk\Check Disk.lnk
• %UserProfile%\Start Menu\Programs\Check Disk\Uninstall Check Disk.lnk

Create new registry entries:

• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  (String) %random% = %UserProfile%\Local Settings\Temp\%random%.exe
  (String) %random_number% = %UserProfile%\Local Settings\Temp\%random_number%.exe

Screenshots:

How to remove the infection of Check Disk (Adware.Win32.CheckDisk)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

The Emsisoft malware research team has discoverd a new outbreak of the Win 7 Antispyware 2011 adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.Win7Antispyware2011.

Win7 Antispyware 2011 is a rogue security security product. A rogue application tries to trick you by displaying false positive or misleading scan results report, which says that your computer has a problem, or infected with viruses or trojan, but you will not be able to fix it before you purchase.

Create new files:

• %UserProfile%\AppData\Local\opRSK
• %UserProfile%\AppData\Local\pw.exe

Create new registry entries:

• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\open\command
  (Default) = “%UserProfile%\AppData\Local\pw.exe” /START “%ProgramFiles%\Mozilla Firefox\firefox.exe”

• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\FIREFOX.EXE\shell\safemode\command
  (Default) = “%UserProfile%\AppData\Local\pw.exe” /START “%ProgramFiles%\Mozilla Firefox\firefox.exe” -safe-mode

• HKEY_LOCAL_MACHINE\SOFTWARE\Clients\StartMenuInternet\IEXPLORE.EXE\shell\open\command
  (Default) = “%UserProfile%\AppData\Local\pw.exe” /START “%ProgramFiles%\Internet Explorer\iexplore.exe”

Screenshots:

How to remove the infection of Win 7 Antispyware 2011 (Adware.Win32.Win7Antispyware2011)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

The Emsisoft malware research team has discoverd a new outbreak of the Ultra Defragger adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.UltraDefragger.

Ultra Defragger is a rogue application, this is another variant of Quick Defragmenter, Smart Defragmenter, HDD Defragmenter, and System Defragmenter. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer has a problem, or infected with viruses or trojan, but you will not be able to fix it before you purchase.

Create new files:

• %UserProfile%\Desktop\Ultra Defragger.lnk
• %UserProfile%\Local Settings\Temp\dfrg
• %UserProfile%\Local Settings\Temp\dfrgr
• %UserProfile%\Local Settings\Temp\%random%.dll
• %UserProfile%\Local Settings\Temp\%random%.exe
• %UserProfile%\Local Settings\Temp\tmp4.tmp
• %UserProfile%\Local Settings\Temp\%random_number%
• %UserProfile%\Local Settings\Temp\%random_number%.bmp
• %UserProfile%\Local Settings\Temp\%random_number%.exe
• %UserProfile%\Start Menu\Programs\Ultra Defragger\
• %UserProfile%\Start Menu\Programs\Ultra Defragger\Uninstall Ultra Defragger.lnk
• %UserProfile%\Start Menu\Programs\Ultra Defragger\Ultra Defragger.lnk

Create new registry entries:

• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  (String) %random% = %UserProfile%\Local Settings\Temp\%random%.exe
  (String) %random_number% = %UserProfile%\Local Settings\Temp\%random_number%.exe

Screenshots:

How to remove the infection of Ultra Defragger (Adware.Win32.UltraDefragger)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

The Emsisoft malware research team has discoverd a new outbreak of the Quick Defragmenter adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.QuickDefragmenter.

Quick Defragmenter is a rogue application, this is another variant of Smart Defragmenter, HDD Defragmenter, and System Defragmenter. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer has a problem, or infected with viruses or trojan, but you will not be able to fix it before you purchase.

Create new files:

• %UserProfile%\Desktop\Quick Defragmenter.lnk
• %UserProfile%\Local Settings\Temp\%random%.dll
• %UserProfile%\Local Settings\Temp\%random_number%
• %UserProfile%\Local Settings\Temp\%random_number%.bmp
• %UserProfile%\Local Settings\Temp\%random_number%.exe
• %UserProfile%\Local Settings\Temp\BoB8.tmp
• %UserProfile%\Local Settings\Temp\dfrg
• %UserProfile%\Local Settings\Temp\dfrgr
• %UserProfile%\Local Settings\Temp\%random%.exe
• %UserProfile%\Start Menu\Programs\Quick Defragmenter\
• %UserProfile%\Start Menu\Programs\Quick Defragmenter\Quick Defragmenter.lnk
• %UserProfile%\Start Menu\Programs\Quick Defragmenter\Uninstall Quick Defragmenter.lnk

Create new registry entries:

• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  (String) %random% = %UserProfile%\Local Settings\Temp\%random%.exe
  (String) %random_number% = %UserProfile%\Local Settings\Temp\%random_number%.exe

Screenshots:

How to remove the infection of Quick Defragmenter (Adware.Win32.QuickDefragmenter)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.

The Emsisoft malware research team has discoverd a new outbreak of the Smart Defragmenter adware. Emsisoft Anti-Malware detects this malware as Adware.Win32.SmartDefragmenter.

Smart Defragmenter is a rogue application, this is another variant of HDD Defragmenter, and System Defragmenter. A rogue application tries to trick you by displaying false positive/misleading scan results report, which says that your computer has a problem, or infected with viruses or trojan, but you will not be able to fix it before you purchase.

Create new files:

• %UserProfile%\Desktop\Smart Defragmenter.lnk
• %UserProfile%\Local Settings\Temp\%random%.bmp
• %UserProfile%\Local Settings\Temp\%random%.exe
• %UserProfile%\Local Settings\Temp\%random%
• %UserProfile%\Start Menu\Programs\Smart Defragmenter\
• %UserProfile%\Start Menu\Programs\Smart Defragmenter\Smart Defragmenter.lnk
• %UserProfile%\Start Menu\Programs\Smart Defragmenter\Uninstall Smart Defragmenter.lnk

Create new registry entry:

• HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
  (String) %random% = %UserProfile%\Local Settings\Temp\%random%.exe

Screenshots:

How to remove the infection of Smart Defragmenter (Adware.Win32.SmartDefragmenter)?

To delete this malware infection, please download and install Emsisoft Anti-Malware. Run a full scan on all drives and move all detected items to the quarantine.