New Self-Cloning Rogue

by LS Anders on February 5th, 2010 in Rogues, Security Alert.

A new rogue that will randomly change names and include a reference to the current operating system has emerged.


The rogue will change to different names depending on the user's OS. On Windows XP we have encountered the following:



On Windows Vista we have seen it use the following names:



On Windows 7 we have seen it using the following names:

Once installed, the rogue will detect several false infections and it will require a license to remove these infections.  To further scare the user, fake attacks on the system are also shown.













Ad-Aware detects this rogue as Win32.FraudTool.XPAntispyware2010.