Category: Trojan

Scareware Site — Internet Antivirus Pro

Paul

I was checking out the site unmast.info and this came up:

Internet Antivirus Pro

As you can see this try to scare you into doing two things.  It tries to Mimic the look of your hard drive and also tries to get you to download a program.  The Program is called Install.exe.  Downloading this file causes AVG and Windows Defender to Pop up with the Warning:

Internet Antivirus Pro1

As you can see this isn’t a good program to install and if you have then I recommend you doing a full system scan and removing this Trojan which I am sure has also installed other Malware like a botnet or something along that lines. Your Privacy isn’t safe on that computer so you should do these things as soon as possible.

Threat to System : Severe

[rating:5/5]

Advice : Do a Complete system scan and Remove this Trojan and any others that have been installed.

I recommend :

Do a Full System with One of these Free Antivirus Software:

[ad#SUPERAntiSpyware]

No scareware Thanks from no-spyware-thanks.com

Paul

personalantivirus3

[ad]This just poped up on my radar, and I wanted to let people know about this [intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink] site.  I’ve been talking to another blog about what they have been getting lately it is called “iwishvirusclean.com” Thanks to this blogs post we been talking the last few hours and a comment was left about no-spyware-thanks.com and this site is of course an personal Antivirus scareware.   They try to scare you into buying there product or downloading a trojan that keeps warning you have a virus so they can still make money.  Which on the same ip this domain is also there “securedvirusscan.com”, I will assume this is also [intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink] site.  Also “iwantsweepviruses.com” Is another [intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink] site, which is also on that domain.  This was just told to me but “thankyouforscan.com” is another domain they are using for the [intlink id=”3607″ type=”post”]Personal Antivirus Scareware[/intlink] site.  You should never download or buy anything from these types of sites.   If you think you have a virus or Trojan, I would recommend doing a complete scan and making sure you have no more scareware on your computer.

Threat to System : Moderate

[rating:4/5]

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware.

I recommend :

[ad#SUPERAntiSpyware]

Fake Security Adviser from explorersecurityhelper.com

Paul

I saw this come in my way and I thought I would share it:

fakeexplorersecurityhelper

Here is a site that is another scareware attempt from the makers of [intlink id=”3607″ type=”post”]Personal Antivirus[/intlink].   They do this to get money from unsuspecting users who think this will protect there system but the truth of the matter, they are either trying to get you to install even more Malware or buy a program that doesn’t do what it claims.   You should never buy from a site you do not know anything about and you should never install software from a site you have no knowledge of

Threat to System : Critical

[rating:5/5]

Advice : Do a Complete system scan and make sure you don’t have any more hidden malware. This has altered your browser and can be monitoring your system and should be taken off your system. You should consider your system compromised until you clean your system.

I recommend :

[ad#SUPERAntiSpyware]

How Fake Antivirus writers try to fool you

Paul

I went looking around and saw this:

Homeantivirusfake

As you can see they try to make this site look like it is real. It also make the user at first glance become relaxed because of all PC Magazines and site stickers as I call them.   You also get to see a list of  latest virus alerts and threats, all of this is done to make you feel like this is a real Antivirus site.   They also have the box look like Windows Vista and Windows 7 look and feel to it.  Everything you see here makes you more relaxed and almost gets you to buy the software but wait, I want to know more about this company.   No way to call or who they are?  So I download the file call “Installer2.exe” and AVG pops up with:

Homeantivirusfake1

Not even AVG had the chance to say or do anything about this before Microsoft throws up this warning about it being a “Trojandownloader:win32/fakerean.gen!c”, I have got to admit Microsoft has been doing a little better job of identifying some of the threats.  Sites that all have this type of theme to them are:

  • homeanti-virus2010.com

  • homeanti-virus-2010.com

  • home-antivirus-2010.com

  • home-anti-virus2010.com

  • home-anti-virus-2010.com

  • home-antivirus2010.com

  • homeantivirus-2010.com

  • homeantivirus2010.com

  • homeav2010.com

  • home-av2010.com

  • home-av-2010.com

  • pcsecurity09.com

  • pcsecurity-09.com

  • pc-security09.com

as you can see they have made a URL theme for all the domains.   But all of these are located at IP:

  • 72.52.210.130

  • 72.52.210.131

  • 72.52.210.132

  • 72.52.210.133

As you can tell this can be considered a campaign by some individual to try to get money from innocent people.   So your best bet is to not go there and if you have it:

RECOMMEND : [ad#SUPERAntiSpyware]

Harry Potter and the Half Blood Prince Movie Spreads Malware

Paul

It seems in anticipation of the release of Half Blood Prince the Malware authors are starting to send for the movie. For example:

harrypotterblogspotfake
As you can see they really try to fool you into think your are going to be able to watch it for free.    They even put it the movie poster to try to get you to click that link. It is on a blogspot page and has a few Google followers, which I am amazed at because what I have found it.   If you were to click that play link (usa-top-news.info) it will redirect your to (world-news-scandals.com) and then to the final destination (tubes-portal.com). Each site is surprisingly in the US and tries to look like it is a real site. It sends you a file called streamviewer.40018.exe, which I am surprised AVG hasn’t picked this up so I went to see if this was a virus and Virustotal showed me this:harrypotterblogspotfake1

[ad]Very few actually detect this trojan downloader even [intlink id=”2205″ type=”page”]AVG[/intlink] hasn’t detected this as being malware.   So you best bet is not try to go watch it early because 9 times out of 10 it will be a virus.  You also should know that there are even some links in Digg.com and other popular websites that are promoting this. The top rated sites are what I call Google Juice to put the blog spot website onto the first page of Google. So you should install a good [intlink id=”2205″ type=”page”]Anti-virus software and Firewall[/intlink]. I also believe this will be coming out on DVD in December according to my sources this movie has been ready for quite some time and they are anxious to have it ready for Christmas so you won’t have to wait long to see it. Afterall they have had this movie ready since last Year.

This seems to be like the [intlink id=”3448″ type=”post”]Fake Codecs[/intlink], I have talked about.   In order to see this you have to install this software to view this movie.   I don’t even know if it is a true movie but I do expect in the coming weeks to days there will be even more Fake Sites like this trying to promote watching it for Free.  Thank goodness [intlink id=”3385″ type=”post”]we don”t have to worry about Zango anymore[/intlink]. Nothing in life comes free, so be on your guard.  Only you can prevent virus infections on your system.