From the Webroot Threat Blog:
This week's rogue, once again, mimics a system utility and not merely an antivirus product. Either way, the scam is the same: Convince the victim that their computer is broken, then coerce them to pay for useless snake oil.
These rogue system utilities go by the names Windows Troubles Killer or Windows Salvage System; They are, for all intents and purposes, identical programs which have been "skinned" with different names. They actually appear to be a hybrid rogue, carefully blending a customized mix of malarkey and baloney into some sort of shenanigans smoothie. The program claims not only to be able to scan your computer for problems with software settings and other system optimization-sounding stuff, but also to perform some sort of check of your "Computer Safety" and "Network Security." Oh yes, and there's an antivirus component too, just to round out the complete package.
All in all, it's a fairly rudimentary rogue to remove (whether you choose to do it manually or use our software), but it performs some unique system modifications that disable some legitimate security software, turns off some important Windows features, mimics some of Microsoft's own software, and generally acts as a nuisance while reducing the actual security level of an infected computer. I'll detail those after the jump. [Screenshot]
The software installs itself to the %appdata%\Microsoft path, using a random, six-alphabetic-character filename.The icon looks like a wooden shipping crate?because there is no material known to humankind with a better reputation for strength, protection, and durability than wood, amirite? [Screesnhot]
Once installed, the rogue looks like yet another variation on the typical ransomware-type rogue app theme: It starts up with Windows, prevents the Desktop from loading, and only grants access to its "fix error" features if you pay for a license key.
Continued : http://blog.webroot.com/2011/06/20/windows-troubles-killer-salvage-system-rogue-of-the-week/