Members
  • Total Members: 14197
  • Latest: Levine
Stats
  • Total Posts: 43434
  • Total Topics: 16528
  • Online today: 3114
  • Online ever: 51419
  • (01. January 2010., 10:27:49)
Users Online
Users: 2
Guests: 3042
Total: 3044









Author Topic: Personal Antivirus: Another Malicious Program to Avoid (Trojan.win32.agent.azsy)  (Read 7051 times)

0 Members and 1 Guest are viewing this topic.

Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum


An immense blackhat SEO campaign dedicated to promoting the rogue security product called Personal Antivirus (aka PAV) has been playing ultimate havoc with the cyber-world for the last few months. Let's take a closer look at the scareware tactics employed by the hackers who released Personal Antivirus fraud and keep on distributing their renegade “offspring” with great rapidity.

The apparent conclusions drawn from the analysis of Personal Antivirus scareware testify to its being actively propagated via browser-hijacking trickery. It means Personal Antivirus tends to exploit the trojan-based techniques to infect numerous workstations and get integrated with probably the most vulnerable piece of software installed – the web browser, Internet Explorer being most easily affected.

Next, Personal Antivirus hijackers will drive traffic to insecure domains that pimp the badware through the use of deceptive methods. The distinctive feature of all the domains involved in Personal Antivirus promotion campaign is the URL structure which pre-supposes the use of …v[random number].com extensions. Instances of such websites are as follows: Livefolderscannerv6.com, Antivirusbestscannerv5.com, Antiviruspcscannerv7.com, Antimalwarecheckv6.com, Fast-antimalware-scanv3.com etc. As you can see from the URLs above, all of these hijackers imply some sort of “scanning” or “checking” element – it’s because these domains actually resemble online security scanners allegedly performed by Personal Antivirus. Eventually, on seeing those fake malware detection reports, the most trustful computer users will probably get inclined to install the recommended software, thus unknowingly jeopardizing their PCs and the networks they refer to.

On a number of occasions, Personal Antivirus is known to have shamelessly taken advantage of the search engine results for popular searches like Swine Flu or Jakarta Bombing Incident. PAV rogue domains were among the top search items, which evidently means the traffic rates were high.

Once the unregistered version of Personal Antivirus breaks into the potential victim’s machine, it embeds itself with some of the critical system processes and configures the compromised system to run the PAV executables every single time the PC is started. Consequently, after Personal Antivirus trespasses on one’s computer, it will do its best to drill its way to the user’s credulity and appeal to the natural aspiration for a healthy cyber-environment. The endless phony security scanners and multiple fake alerts mentioning imaginary threats like Trojan.win32.agent.azsy (the most frequently displayed bogus detection) will keep disturbing your computer routine until you either purchase PAV license or remove the pest.

Make the choice at your own discretion but remember - Personal Antivirus license costs around $50 and…one’s common sense, which is a way too high price to pay. All because Personal Antivirus does not belong on any PC since it ruins and distorts the arranged system it infiltrates. Do not surrender to online fraudsters and take adequate and timely measures to get rid of Personal Antivirus scam.

(Huliq)

Samker's Computer Forum - SCforum.info


georgecloner

  • SCF VIP Member
  • *****
  • Posts: 171
  • KARMA: 16
  • Gender: Male
To those unfortunate PC's infected with the rogue virus. "Malwarebytes Anti-Malware" will be effective enough to detect and remove PAV.

Download from CNET: http://download.cnet.com/Malwarebytes-Anti-Malware/3000-8022_4-10804572.html?part=dl-10804572&subj=dl&tag=button

Creativity is a mental and social process involving the generation of new ideas or concepts, or new associations of the creative mind between existing ideas or concepts.

Darksat

  • SCF VIP Member
  • *****
  • Posts: 20
  • KARMA: 2
    • Darksat Security Forums
Try Linux, the best antivirus solution available. ;)
Anyone still running IE is asking for trouble anyway.



Samker

  • SCF Administrator
  • *****
  • Posts: 7529
  • KARMA: 322
  • Gender: Male
  • Whatever doesn't kill us makes us stronger.
    • SCforum.info - Samker's Computer Forum
Anyone still running IE is asking for trouble anyway.


hmmm...

Please read this research: http://scforum.info/index.php/topic,2640.0.html


Darksat

  • SCF VIP Member
  • *****
  • Posts: 20
  • KARMA: 2
    • Darksat Security Forums
Yeah like you said though, mozilla discloses all security holes found.
Besides I prefer Opera myself anyway.

Samker's Computer Forum - SCforum.info


 

With Quick-Reply you can write a post when viewing a topic without loading a new page. You can still use bulletin board code and smileys as you would in a normal post.

Name: Email:
Verification:
Type the letters shown in the picture
Listen to the letters / Request another image
Type the letters shown in the picture:
Second Anti-Bot trap, type or simply copy-paste below (only the red letters):www.codekids.ba:

Enter your email address to receive daily email with 'SCforum.info - Samker's Computer Forum' newest content:

Kursevi programiranja za ucenike u Sarajevu

Terms of Use | Privacy Policy | Advertising
TinyPortal 2.3.1 © 2005-2023