
I-Scan

Posted: February 24, 2011

I-Scan is a Korean rogue scanner that may be distributed under different names and is usually detected under the label Rogue:Win32/Onescan. Rogue security products like I-Scan imitate the services of actual anti-virus and system diagnostics programs, but give erroneous messages and attempt to redirect the user to criminal websites. Having I-Scan or another rogue security program on your system will also create security issues and may result in browser hijacking. Since many rogue security products are distributed by Trojans, you may have to delete I-Scan even if you don't remember deliberately downloading I-Scan.

A Family You Shouldn't Be Eager to Meet

The I-Scan rogue security program is just one of many similar products that share very similar code and behavior, with only minor differences in names and graphical shells to distinguish one from the next. Some of the aliases you may see I-Scan under include PCTrouble, Siren114, One Scan, EnPrivacy and MyVaccine.

Because I-Scan is a Korean rogue security product, most people outside of Asia are unlikely to deal with this infection, but if you do download files from Asian sites, you may want to be careful to avoid I-Scan and all I-Scan's ilk. Rogue security product downloads are often enabled by Trojan infections that are most easily acquired through visiting malicious websites or downloading insecure files.

After You Shake I-Scan's Hand

The results of an I-Scan infection are very similar to the attacks caused by other rogue security programs:

  • I-Scan will generate false error and alert messages with content that's both misleading and very alarming. The profusion of messages I-Scan spews out is cheap psychological manipulation intended to get the user to distrust their standard computer security and trust I-Scan.
  • Another deceitful behavior by I-Scan is the use of scans that depict results predetermined by the rogue security program's coders. I-Scan may force you to sit through these scans, frittering your time away to no purpose, and will always report nonexistent infections that require you to purchase I-Scan or another fake security product to fix.
  • I-Scan sets itself apart from some other rogue security programs by contacting remote addresses. This can allow I-Scan to assist remote attackers, or simply let I-Scan play the part of spyware and hand confidential information to people who have no right to it.

Staying away from I-Scan's website and all rogue websites related to I-Scan is the best way to keep yourself from getting this rogue invader. All domains for I-Scan and I-Scan's clones are so far Korean ones; watching for that .kr tag can make life easier for you. I-Scan itself has a site at i-scan.co.kr, but I-Scan's cousins have dozens of other sites available, so keep your eyes peeled!

File System Modifications

  • The following files were created in the system:
    # File Name
    1 %program files%\i-scan
    2 %program files%\i-scan\i-scan.exe
    3 %program files%\i-scan\i-scandm.exe
    4 %program files%\i-scan\i-scanU.exe

Registry Modifications

  • The following Registry Values were newly created:
    HKEY..\..\..\..{Subkeys}
    HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run "I[RANDOM CHARACTERS]"
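
The file and registry indicators listed above can be matched against an inventory of paths and autorun entries collected from a host. The following is an added example, not part of the original page: the function names and sample inventory are hypothetical, and it assumes that %program files% resolves under C:\ and that a malicious Run value's command points into the i-scan folder.

```python
import ntpath

# Indicators from the page's file and registry lists (compared case-insensitively).
ISCAN_FILES = {"i-scan.exe", "i-scandm.exe", "i-scanu.exe"}
RUN_KEY = r"hkey_current_user\software\microsoft\windows\currentversion\run"
# Assumption: %program files% resolves to one of these roots on the host.
ISCAN_DIRS = [ntpath.join(root, "i-scan") for root in
              (r"c:\program files", r"c:\program files (x86)")]

def norm(path):
    """Strip quotes, collapse separators and lower-case a Windows path."""
    return ntpath.normpath(path.strip().strip('"')).lower()

def match_file(path):
    """Return why a file-system path matches the page's list, or None."""
    p = norm(path)
    if p in ISCAN_DIRS:
        return "install directory"
    if ntpath.dirname(p) in ISCAN_DIRS and ntpath.basename(p) in ISCAN_FILES:
        return "listed executable"
    return None

def match_run_value(key, name, data):
    """Grade an autorun entry as 'high', 'review' or None."""
    k = norm(key)
    if k.startswith("hkcu\\"):
        k = "hkey_current_user" + k[4:]
    if k != RUN_KEY or not name.upper().startswith("I"):
        return None
    # Many legitimate names start with "I"; only an i-scan path (assumption) is 'high'.
    cmd = data.lower().replace("/", "\\")
    if any(d + "\\" in cmd for d in ISCAN_DIRS):
        return "high"
    return "review"

def triage(files, run_values):
    """Collect matches from a list of paths and (key, name, data) tuples."""
    hits = [("file", f, match_file(f)) for f in files]
    hits += [("run", n, match_run_value(k, n, d)) for k, n, d in run_values]
    return [h for h in hits if h[2]]

# Constructed sample inventory (not taken from a real host).
SAMPLE_FILES = [r"C:\Program Files\I-Scan\i-scanU.exe", r"C:\Program Files\7-Zip\7z.exe"]
SAMPLE_RUN = [
    (r"HKCU\Software\Microsoft\Windows\CurrentVersion\Run", "Iqzxv", r'"C:\Program Files\i-scan\i-scan.exe"'),
    (r"HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run", "iTunesHelper", r"C:\Program Files\iTunes\iTunesHelper.exe"),
]
if __name__ == "__main__":
    print(triage(SAMPLE_FILES, SAMPLE_RUN))
```

Entries graded "review" match only the value-name pattern and need a manual look at the command they launch before any removal.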