Mar 05

Threat Description:

One of today's IT security news items is that the Security Antivirus rogue software has a new hijacker meant to promote it. Www1.dak-of-cure-formypc.in, the subject of this post, is an intricate website that resembles an online scan window (please take a look at the screenshot within this article). The trojans associated with the Security Antivirus scareware application tend to hijack your browser and reroute it to Www1.dak-of-cure-formypc.in, which is today's hijacker domain and will probably be swapped for a different one tomorrow, as these replacements happen with notable frequency. Www1.dak-of-cure-formypc.in displays a close imitation of the My Computer UI with a scan progress string in the middle that allegedly indicates the status of the purported scanner. Of course, no scan is really going through your hard drives and system directories.

Mar 05

Threat Description:

Total-scan.com is a typical example of how the Security Tool rogue anti-spyware is distributed. You end up on Total-scan.com as a result of a browser hijack carried out by trojans. Total-scan.com resembles a scanner with a legitimate-looking interface but is in fact nothing but a fake. The seemingly trustworthy appearance of the site is meant to convince you that you have just visited a real source of computer security. Still, the fact remains that Total-scan.com is a bogus scanner which is actually a simple HTML script programmed in advance to return the same results on all occasions. Total-scan.com has a fraudulent downloader embedded in its structure, so when the above-mentioned scanner is through it will definitely recommend that you download the Security Tool software (let us remind you that it is a bad program to have on your PC). If you end up downloading Security Tool, you will get your computer completely hijacked by that crimeware.

Mar 05

Threat Description:

XP Antispyware 2010 is a cunning computer program designed to collect money from credulous users. XP Antispyware 2010 will never ask for your permission before installing itself on your workstation. It does a ‘smarter’ thing and bypasses the security barriers and user authentication by means of trojans that disguise themselves as legitimate files or locate vulnerable spots in the computer system to be compromised. Once XP Antispyware 2010 is on your machine, it launches a scanner that supposedly performs a virus check but is in fact just a primitive script prepared beforehand. Of course, that kind of scanner will return no trustworthy results. It will report the detection of malicious entities on your PC such as trojans, worms, keyloggers and similar threats. Then XP Antispyware 2010 will be sure to offer to protect your system if you complete an online registration, which of course does not go without a payment. The ‘leftovers’ of the scanning procedure are the popup ads that appear from the system tray to notify you of even more security issues found.

Mar 05

Threat Description:

Www1.hugepowerofscan.in is a new insecure domain helping the Security Antivirus rogueware enter computers and networks. You might be a bit surprised to learn that Www1.hugepowerofscan.in is entitled “My computer” and looks really similar to the corresponding Windows user interface. It is characteristic of Www1.hugepowerofscan.in that it gets visited through browser rerouting caused by trojan horses active inside one’s operating system. You may also land on Www1.hugepowerofscan.in if you click on some ad while surfing the Internet, thinking it’s something interesting or helpful; so much for traffic-driving methods. When you visit Www1.hugepowerofscan.in, it issues a couple of pop-ups to start its filthy brainwashing job. These alerts will tell you that some serious risks have been found on your computer. The complementing element of Www1.hugepowerofscan.in is the scan proper, which runs after the initial ads are either approved or canceled by the user (it starts running either way). The scanner’s job is just to confirm that your machine is in danger. Next, there will be a downloader ad you will be prompted to click.

Mar 05

Threat Description:

Backdoor.RAdmin.ab is malware that opens security holes in a compromised computer system, subsequently giving hackers hidden but almost unlimited access to the information kept there. Backdoor.RAdmin.ab usually poses as some useful file that supposedly eases and facilitates the use of certain computer processes; this is why it is critically important to treat any potential download with caution. Backdoor.RAdmin.ab will usually cause the infected system to operate slower. One of the worst things about this hazardous trojan is its stealth, which means it can run inside your OS and gradually do its dirty job without being detected by the security software installed on the compromised PC. Backdoor.RAdmin.ab may collect strictly confidential data, e.g. financial details and passwords. As you can imagine, nothing good can come of cyber criminals getting hold of these private credentials.

Mar 05

Threat Description:

Visiting the Av-guru.net website is not a very pleasurable experience, to put it mildly. Av-guru.net is actually a domain involved in a rogue anti-spyware propagation scheme. The malware currently being pushed with the aid of Av-guru.net is called Antivirus Soft, and it’s one major pest. The site we are describing here is not damaging to visit directly. It contains no malicious scripts, nor does it have any dangerous freeware downloads. But the worst part about Av-guru.net is that it is an obnoxious hijacker that takes control of one’s browser and subsequently reroutes it to the official web page of the nasty rogueware. Av-guru.net contains a payload of Antivirus Soft, i.e. the full version of this crimeware. It invites its visitors to register and install the licensed copy of the associated malicious program. So it doesn’t really suffice to just refrain from visiting Av-guru.net. It’s a big problem if you get forcibly redirected there.

Mar 05

Threat Description:

Av-crew.net is a malignant Internet creature that hijacks computer systems to drive illegal traffic to a page selling the Antivirus Soft scareware. Av-crew.net is actually the official site of Antivirus Soft and is not harmful if you visit it of your own accord, i.e. from your browser’s location bar. Nevertheless, Av-crew.net grows into a problem if it hijacks your web browser, and the Antivirus Soft junkware is to blame for this scattershot web surfing. This rogue software goes so far in its bad activity that it reaches the HOSTS file of Windows OS. The malware additionally interferes directly with the web browser configuration, adjusting it slightly to suit the malvertising plan. So if your IE gets hijacked by Av-crew.net, you will repeatedly end up on that web page until you either purchase Antivirus Soft or get rid of the pest. Av-crew.net contains a couple of false testimonials from imaginary people whose lives were allegedly changed for the better thanks to Antivirus Soft. It makes no sense to believe any of the crap info provided through Av-crew.net.

Mar 05

Threat Description:

Securityantivirus.net is a small yet pretty annoying fragment of a scareware distribution campaign. The similar-sounding rogue anti-spyware solution being promoted with the help of this domain is called Security Antivirus. This scareware enters one’s system by bypassing authentication, usually with the help of a trojan downloader. Securityantivirus.net is a site you land on as a result of browser redirects performed by the rogue we’ve mentioned. As you can judge from the screenshot, Securityantivirus.net offers a downloadable version of its sponsoring crimeware. But it is not only a distributor of the free trial version. Securityantivirus.net has a tab called ‘Buy now’ which prompts you to purchase a Security Antivirus license for 6 months, 1 year or lifetime, the price varying respectively. It’s quite important to keep oneself from falling for any information Securityantivirus.net provides. That domain is a shortcut to malware invasion.

Mar 04

Threat Description:

Does Soldierantivirus.com sound like a website one could trust? Probably yes, but even a superficial analysis of the site reveals its malicious essence. Soldierantivirus.com contains a downloader for the Security Tool software, a blacklisted utility that should never be allowed inside one’s system. Security Tool engages in deceitful activity to earn its creators some income. It states that it has detected dangerous contaminants on your workstation and then recommends that you purchase its license for spyware removal purposes. Soldierantivirus.com is the domain Security Tool redirects you to if it compromises your computer system. Everything you can view on Soldierantivirus.com is a complete lie. It describes and praises Security Tool as a “comprehensive, all-in-one security solution” that allegedly protects your machine from spyware intrusions etc. None of the above capabilities of the scamware is real.

Mar 04

Threat Description:

Speaking of the Pc-winlive.com website, we ought to mention that it is a hijacker, i.e. a domain pushing insecure software. Pc-winlive.com is associated with the campaign promoting the Windows Defender 2010 scareware. It’s integrated with the rogue antivirus software’s billing system and thus serves the purpose of selling this nasty tool. Pc-winlive.com is visited when a random alert generated by Windows Defender 2010 is pushed. So it just redirects your browser and makes you visit online places you definitely don’t feel like visiting. Pc-winlive.com describes the sponsoring rogue antivirus software as fast, safe, easy to use and trusted by millions. But in fact, Windows Defender 2010 is a corrupt application that intrudes on your machine without asking whether you mind. It can’t and doesn’t help you protect your computer at all. So if you get directed to Pc-winlive.com, don’t forget to check your system for viruses and other malware using reliable security software that does work.