Rogue security software, often referred to as scareware, is one of the biggest challenges computer users face right now. Taking the form of legitimate-looking anti-virus, anti-spyware and anti-malware products, these rogue applications appear beneficial from a security perspective but provide little or no security, generate misleading alerts, or attempt to lure users into participating in fraudulent transactions, blurring the lines between genuine software and applications that put you in harm’s way.

In order to help you clearly see what programs are considered rogue – and avoid them – Lavasoft Malware Labs is proud to introduce a brand new site: the Rogue Gallery.


0149.0104 is now available, new definition file for Ad-Aware.


New Rogue: RESpyWare

by LS Anders on November 30th, 2009 in Rogues, Security Alert.

RESpyWare is yet another clone of the now very common WiniGuard family.

0149.0103 is now available, new definition file for Ad-Aware.


0149.0102 is now available, new definition file for Ad-Aware.


New Rogue: REAnti

by LS Anders on November 26th, 2009 in Rogues, Security Alert.

REAnti is yet another clone of WiniGuard. This one comes with the same GUI (graphical user interface) as previous ones like KeppCop, SecureKeeper, SiteVillain and AntiAID.

0149.0101 is now available, new definition file for Ad-Aware.


0149.0100 is now available, new definition file for Ad-Aware.


0149.0099 is now available, new definition file for Ad-Aware.


I found a couple of slides from a company-internal training session and thought I would share them. It's just to give an example of the kind of work the Lavasoft research team at Malware Labs does.

They describe the binary analysis of a Win32.TrojanDropper.KGen sample, the malware's multi-component structure and the payload it implements.


0149.0098 is now available, new definition file for Ad-Aware.


0149.0097 is now available, new definition file for Ad-Aware.