Oct 24

Malware Analysis:

System Security 2011 feeds you empty promises about help removing computer malware and expects you to fall for this and submit the money it is so keen on. Although this malicious product is new (released and exposed yesterday), the idea has definitely been around for months and has been observed in over ten very similar-looking scarewares. The latest few were AV Protection Online and Cloud Protection: just take a look at the images of these rogues to understand our theory. Let’s get back to where we were and try to dissect System Security 2011 in detail. This one gets into a PC through an exploit with the active participation of a trojan virus. To save some time and spare you redundant analysis, we will just say this method of intrusion is detection-resistant, meaning that neither your authorization nor firewall permission is required for the program to actually install. After the entrance stage is completed, System Security 2011 quickly advances to more aggressive activity. The badware alters your Registry by adding some keys and creates new files, including executable ones. So after the next PC restart, this malware will be in force to the fullest extent.

Oct 20

Malware Analysis:

AV Protection Online, a successor of Cloud Protection, is malware that contaminates one’s computer specifically to bring its makers profit. The fakeness of this program is beyond all doubt, as its deliberate misinforming of users is a fact acknowledged by the whole antimalware community. As for the way it spreads, it’s quite regular in terms of rogueware. The trojan horse distributing AV Protection Online tends to disguise itself as software that aims to provide you with some assistance or optimize certain system processes. For instance, it is likely to come as a part of multimedia codecs, Flash player updates etc. It’s amazing that such a small fragment of corrupt code (we mean the trojan) can cause such an immense mess inside your computer. It is well trained to spot weaknesses of your system and open backdoors, i.e. gateways in your security. It’s through these holes that AV Protection Online is literally dragged into a PC without even a hint of your awareness or consent. The presence of this awful tool on your workstation is always marked by the ‘standard’ scareware set: frequent fake scanners, bogus pop-ups – all multiplied by some general obstruction of system work.

Oct 16

Malware Analysis:

It’s easy to say ‘Don’t go to Noblesearchsystem.com because it is a malicious web page’. It’s much more difficult to avoid this if a browser redirect parasite has settled down on your machine. This is the case we would like to discuss in this article. The modern trends of malicious software distribution are manifold. Rogue antivirus business used to be number one, until some serious international effort was taken to knock it down last summer. During this temporary outage, the many fraudsters who apparently managed to avoid prison have been indulging in a different type of industry. It’s about hijacking web surfers’ searches and driving immense amounts of traffic to certain landing pages that are optimized for traffic conversion, i.e. monetization. All they need to do to put this goal into practice is spread a virus that substitutes Search Engine results with something else, which they have unfortunately been having success in. Noblesearchsystem.com is an invention of these bad guys. It is a target page you hit every time you click on a link in a Google, Yahoo or Bing search results list (provided you got the affiliated virus on board).

Oct 10

Malware Analysis:

Today’s top malware is Cloud Protection. We spotted it during a regular web session and felt its awful impact to the fullest. Apparently the virus got through and ended up on our lab machine after a trojan made it inside first. This little pathfinder does paramount work in compromising PCs, in the bad way of course. Its mission includes downloading most of the components of the to-be rogue antivirus. That being done, these fragments of the seemingly scattershot puzzle get configured to combine into a fully functional malignant program. This unexpected application then gets down to doing what it is meant to. It makes repeated attempts to baffle you by telling you that a variety of vicious infections were found on your machine during its scan. With some pop-ups added, Cloud Protection gradually moves closer to its aim. This aspect of the fraudware’s activity is about intimidating you. It ‘exposes’ infections that do not actually reside on your computer. What for? It’s done to get you to do thoughtless things due to this confusion and fear. Cloud Protection recommends that you get your PC cleared of the viruses by activating its cleaning function.

Oct 05

Malware Analysis:

The basics of security knowledge should prompt anyone concerned that AV Guard Online is a program to avoid. It’s not only because we say so but also due to the numerous side effects it causes to your Operating System and your mental health. The application is extremely annoying and such a liar. It feeds you misinformation about the virus protection level of your PC, stating that a large quantity of malicious objects have been intercepted during its scan. According to the computer security monitoring allegedly conducted by AV Guard Online, quite a few worms, adware and other potential risks are residing inside your system and may eventually lead to serious consequences unless removed. You have probably figured out already that these items are nothing to worry about because they do not exist (at least not on your computer). What you do need to be concerned about is the presence of AV Guard Online in your cyber neighborhood. Not only is it obnoxious, but it may also make your PC too weak to resist infections of different kinds such as actual spyware (not made-up), keyloggers, trojan horses etc. And that’s when you may face real problems.

Oct 04

Malware Analysis:

The longer the Security Guard 2012 rogue anti-spyware stays on your personal computer, the worse it all gets. This is an example of a nasty malicious utility possessing the ‘full house’ of badware features. It is stealthy, which means its appearance is usually a surprise even to those who care about cyber safety and consider themselves computer savvy. Most cases of contamination took place after visiting a compromised website with a bad script in its structure. Anyway, what happens next? When Security Guard 2012 gets on your PC, it changes system settings and makes sure its process gets triggered along with the legitimate ones. Moreover, the randomly named file responsible for this mess gets configured to override other executables, which makes opening, say, Microsoft Word, Notepad or the antivirus software you are using a real hard nut to crack. When this rogueware is running, it shows you a great many alerts and even runs virus scanners that look like genuine ones. Now, please remember all of those are fakes. Security Guard 2012 is in no way fit to perform an actual system protection routine, be it malware detection or removal of any infections.

Oct 04

Malware Analysis:

For your awareness, let us list some messages shown in false popup warnings by the Data Restore scareware utility. So here we go: “Hard Drive Failure – The system has detected a problem with one or more installed IDE / SATA hard disks”, “System Error – An error occurred while reading system files”, “Critical Error – Hard drive clusters are partly damaged”. Once again, these are only several of the ads that get constantly generated by the tricky Data Restore software when it’s running on your workstation. These ones look and sound pretty scary, don’t they? At least, that’s the idea the creators of this malware had in mind when making their product what it is. The fake optimization tool under analysis is a part of the huge FakeHDD family, following some very similar-looking and same-acting mendacious apps such as Data Recovery and System Recovery, which are just the most recent representatives of this syndicate. When you get one of these, you get pounded by lots of false positives informing you of some serious system malfunctions. Data Restore also runs scanners to appear more persuasive. But what’s the point of such behavior of this software, you may wonder?

Oct 02

Malware Analysis:

OpenCloud AV is not really a new malware sample, as it just continues the work started by its direct precursors, one of which was OpenCloud Antivirus. Not only do these two look alike, they also do pretty much the same stuff to computers that were infected. How would you react to a program that installs itself without your consent, then keeps you from opening some applications and, what is more, fills up your screen with a lot of popup alerts? These warnings are a particular topic for discussion. They bear no info value at all, although they sure look like something you should take into consideration. OpenCloud AV uses this pop-up trick for a strictly defined reason – it tries to frighten you with confusing information about parasites that are purportedly overwhelming your computer, in the bad way. Besides the ads, this rogue software has another tool in store. It’s the fake system scanning that claims to disclose the real state of things with the safety of your machine. Each time these scans run and complete, they display reports that are full of pseudo infections. As you see, that’s quite a lot of effort towards making you believe some wrong things.

Sep 29

Malware Analysis:

What have you heard or known about the Security Sphere 2012 application before? No matter what it was, we bet it was nothing good. There are several very relevant causes for this statement of ours. The traits of Security Sphere 2012 testify to its common roots with the Personal Shield Pro fake antivirus software. Likewise, it scans your computer just like a real PC cleaner, but that’s only what the whole process looks like. In fact, the scan does not reveal any true facts about how your system is functioning at the moment and whether or not it has spyware on board. Security Sphere 2012 reports things you don’t actually have. Those are pseudo worms, so-called adware, signs of spyware and similar bad notices for any average user. The good news is you don’t have the issues returned in this program’s scan results and the ads it displays. As always, there’s some bad news at the same time though. There’s something else Security Sphere 2012 wants from you, apart from the animated cartoons (we mean the scans and the false positives) it keeps triggering on you.

Sep 28

Malware Analysis:

Some malign attributes of the Advanced PC Shield 2012 software are lying right there on the surface. It completely ignores the authorization guidelines during the install procedure and furthermore gives you a totally wrong overview of your operating system’s safety level. The instruments employed are numerous phony scanners and other sorts of false positives that will, sadly enough, become an inalienable part of your cyber life from the onset of this malware. Advanced PC Shield 2012 is basically non-typical in terms of regular AV software activity, and very typical as a rogue anti-spyware client. Therefore when you see a scan with this program’s name on top of it, do not make a common mistake and never take the reported data for granted. The badware will repeatedly tell you that you have problems like adware, trojan horses, spyware, keyloggers and a bunch of other disgusting stuff that you don’t want on your computer. Well, if those threats were on your machine for real, it would definitely make sense to get rid of them all.