Select Page

Yesterday we blogged about the most recent rogue security product in the WiniGuard family, TheDefend. Patrick Jordan had observed that a new clone was appearing about every two days. Overnight the pace picked up and loyal blog reader Fatdcuk let us know about yet another. He left us a comment: “SysDefence went live about 3 hours ago. They’re flying off the conveyor belt today.”

Patrick analyzed it and plunked it in the WiniGuard family, and our detections, as SysDefence.FakeSmoke.

SysDefence_GUI

The GUI is identical to TheDefend except the name.

Thanks Fatdcuk. Thanks Patrick.

Tom Kelchner