Scareware List for July 31, 2009

Antivirussystempro1

Looks like they went out and made a quite a few domains lately so Here they are:

  • antivirus-live-pro.org ([intlink id=”1837″ type=”post”]Antivirus Pro Scareware[/intlink])
  • internetantivirusplus.com (Fake Antivirus)
  • mybestantivirusplus.com
  • securesoftwarebill.com (Rogue System Security Antivirus)
  • yourantimalware.com
  • totalsurfguard.com
  • systemsecuritysupport.com
  • stabilitysuite.com
  • powersystemstability.com
  • onlinecentersupport.net
  • identitysecuritysuite.com
  • etotalsecurity.com
  • defenseinteractive.com
  • defenseinteractive.com
  • antispyinteractive.com
  • antispyavailable.com
  • protectionsystem.org(Like [intlink id=”1837″ type=”post”]Antivirus Pro Scareware[/intlink])
  • realbestantivirusplus.com

Remember these sites are active and are scaring people into buying or installing there product, you should not go to these sites. As you can see the Scareware Writers and domains have been busy this week and have made these to use in this weekend I can bet on that.   These sites are trying to [intlink id=”3607″ type=”post”]scare you into buying there product or installing there fake antivirus software[/intlink].    If you are constantly inundated with pop up windows warning you have a virus or trojan and showing you a load of viruses or trojans on your screen. They will probably ask you to install software or buy the product that would be a big waste of time and could possibly install even more malware and also could loose money. You should never download any software from sites you don’t know or buy from sites that you’ve never heard from.

Threat to System : Moderate

[rating:4/5]

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware.

I recommend :

[ad#SUPERAntiSpyware]

Antispy.microsoft.com is another Scareware

It looks like the people who invented “[intlink id=”3805″ type=”post”]Antivirus System Pro[/intlink]” have made another site looking like it was a Microsoft site:

Antivirussystempro1

It looks like they use hijack your host file and inseart “Antispy.Microsoft.com” to the host file  with the IP address of “209.44.111.62”  There is no real website at Microsoft with that url so if you get this you have a some kind of trojan or virus on your system.   By using the domain name of Microsoft.com the chance that people will believe this is actually from Microsoft and buy this fake software is higher than with it having its own domain.

[ad]They seem to have incorporated the [intlink id=”3872″ type=”post”]Site Adviser Scareware tactics[/intlink] these tactics seem to be a new way for them to look Official almost like they are the read deal and should there for be taken for the REAL Thing.   You should [intlink id=”3884″ type=”post”]Download SUPERAntiSpyware[/intlink] and See if you can find the problem.   If that doesn’t work you can always remove this threat manually.

This has the same ideas as the “ITsecure.Microsoft.com” Malware, they both look like they are from Microsoft and have modified the host file but are really Scareware trying to trick you into buying there fake antivirus and you would be loosing money.   I would recommend you checkout my [intlink id=”2205″ type=”page”]Malware resources[/intlink] and find out what I recommend to prevent this from the future.

Insanity Run Rampant — Antivirus Pro System (scareware)

Some of you would want to ask me why I am calling this title an usual title. In fact it is quite simple, I have been at the hospital since early this morning. While I was there I had some intriguing things happen. I was watching a person cruise the internet while they were at work. This is someone who is supposed to answer the phones and such. Then I see this POP UP, this draws my attention. “You SYSTEM Has Spyware”. This was my first thought, Scareware. The Popup said it was for “Antivirus Pro System”.
antivirus-system-pro

Since this was a Hospital computer, I couldn’t get a real screen shot of this but there are plenty examples out there, just like that one above.  Anyways what worries me is how System Admins are allowing employees to surf the web while at work on company time.   It also makes for a bad experience with their family.  It also concerns me about the fact that while that computer is infected some of the patients records could be leaked online.

[ad]If you have this Scareware program, Here is a good explanation on how to remove it.   Hospitals have a duty to protect peoples privacy.   Although I seriously this system had patient records it was being used to keep track of who was in surgery and where they were.

Hospitals should prevent their employees from using the internet and preventing patients or their family’s from using the internet.   While I was there I couldn’t do much but check my email and Maybe watch Twitter using Tweetdeck.   That was how bad the bandwidth was there.  According to some nurses they have a T1 Line.   So you know people are watching movies or other things through the internet.   I also heard from a doctor that people were streaming who were supposed to be at work.

That has been my day,  and am I tired.

I would also suggest people have a f[intlink id=”2205″ type=”page”]ree anti-virus software and a Good free Firewall[/intlink] to help prevent this type of scareware in the future.  Remember your the End User and that means only you can prevent this from happening in the first place.  Never go to suspicious sites or URLS that you don’t know where they go.   If you can prevent these types of attacks then you are much better off.