Win32/Onescan
Windows Defender detects and removes this threat.
This family of rogue security programs pretend to scan your PC for malware, and often report lots of infections. The program will say you have to pay for it before it can fully clean your PC.
However, the program hasn't really detected any malware at all and isn't really an antivirus or antimalware scanner. It just looks like one so you'll send money to the people who made the program. Some of these programs use product names or logos that unlawfully impersonate Microsoft products.
Even if you do pay to "unlock" the app, it won't do anything because your PC isn't actually infected with all that malware it "found".
Different brands of the rogues may modify various settings on your computer, end or close programs or system services, or block access to websites.
Onescan might use any of the following logos:
Rogue:Win32/Onescan
Windows Defender Antivirus detects and removes this threat. See the Win32/Onescan description for more information.
TrojanDownloader:Win32/Kepma.B
TrojanDownloader:Win32/Kepma.B is a trojan that downloads unwanted software. It may also send information about your computer to a remote server.
PUA:Win32/Niguide
This application was stopped from running on your network because it has a poor reputation. This application can also affect the quality of your computing experience. We have seen this leading to the following potentially unwanted behaviors on PCs:
- Adds files that run at startup
- Injects into other processes on your system
- Tampers with root certificate trust
These applications are most commonly software bundlers or installers for applications such as toolbars, adware, or system optimizers. We have observed this application installing software that you might not have intended on your PC.
If you were trying to install an application, you might have downloaded it from a source other than the official product's website.
We usually see this application installed on PCs in the following countries. This list is sorted according to prevalence:
- Korea
- United States
- Canada
- Japan
- Australia
This detection is part of our extended Potentially Unwanted Application protection feature.