Sunday, February 28, 2010

Your computer has been infected! With the latest fake Anti-Virus software, that is.

If you are using a PC, chances are pretty good that you have some kind of Anti-Virus (AV) software installed on your computer. And more likely than not, the AV software you are using has, in the past, alerted you to some virus or suspicious program it has found, very much like the image shown here:


There is one catch here, however. The Anti-Virus program shown in action here is actually a fake! This piece of software is itself the virus! Welcome to the latest and greatest fake Anti-Virus market, where you can find Anti-Virus 2010, Spyware Protect, and other products that sound like real AV software but in reality are as malicious as any other virus. This is the world of fake AV software, where rogue scumware writers have made millions with fake anti-malware software that is in fact a virus itself.

The first image shown above is just one of the many incarnations (other names used by this malware include Anti-Spyare, XP Guardian, and XP Internet Security) of the rogue malware called Anti-Virus 2010, which, not surprisingly, is the latest update to the well-known malware called Anti-Virus 2009! Yes, this is an updated version of the malware!

Let's now take a look at all the "features" of this latest incarnation. First, you will notice that the malware will actually register itself with Windows Security Center to make itself look legitimate:




Second, you will see that it will prompt you to register/purchase once the "scan" is done:




And finally, if you click on any of the links, you will be taken to a seemingly authentic website that is tailored to this virus:



Quite clever, isn't it? There is even more: this malware randomly picks a name when it infects a computer. Here are two other incarnations of the exact same malware:





Side effects of Anti-Virus 2010

Above we only showed the look and feel of the rogue malware Anti-Virus 2010. Underneath, this malware performs additional activities that will greatly impair the usability of the infected system:
  • It will disable firewall settings on your system.
  • It will disable existing Anti-Virus protection.
  • It will hook executable open keys in your registry settings so that any time you open a program it will prompt you to purchase Anti-Virus 2010 first.
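
The third side effect is something you can check for yourself. The following is an added example, not NovaShield code: it parses `reg query <key> /ve` output and flags any `.exe` open handler that differs from the stock Windows value. It assumes the hooked keys are the standard `.exe` association under each Classes hive (the post does not name them); the sample output and the rogue path in it are constructed.

```python
import re

# Assumption: the "executable open keys" are the standard .exe association
# under each Classes hive; the post does not name the exact keys.
ROOTS = (r"HKEY_LOCAL_MACHINE\Software\Classes",
         r"HKEY_CURRENT_USER\Software\Classes")
STOCK_PROGID, STOCK_COMMAND = "exefile", '"%1" %*'
VALUE_LINE = re.compile(r"^\s+\(Default\)\s+REG_(?:EXPAND_)?SZ\s+(.*)$")

def parse_reg_query(text):
    """Map each key in `reg query <key> /ve` output to its default value."""
    values, key = {}, None
    for line in text.splitlines():
        if line.upper().startswith("HKEY_"):
            key = line.strip().lower()
        elif key and (m := VALUE_LINE.match(line)):
            values[key] = m.group(1).strip()
    return values

def find_hijacked_handlers(text):
    """Return (key, value) pairs that differ from the stock .exe handler."""
    values, findings = parse_reg_query(text), []
    for root in ROOTS:
        ext_key = (root + r"\.exe").lower()
        progid = values.get(ext_key, STOCK_PROGID)
        if progid.lower() != STOCK_PROGID:
            findings.append((ext_key, progid))
        # Follow whatever ProgID .exe points at and check its open command.
        cmd_key = (root + "\\" + progid + r"\shell\open\command").lower()
        command = values.get(cmd_key)
        if command is not None and command != STOCK_COMMAND:
            findings.append((cmd_key, command))
    return findings

# Constructed sample: machine-wide keys are stock, but a per-user override
# routes every .exe launch through a hypothetical rogue binary.
SAMPLE = r'''
HKEY_LOCAL_MACHINE\Software\Classes\.exe
    (Default)    REG_SZ    exefile
HKEY_LOCAL_MACHINE\Software\Classes\exefile\shell\open\command
    (Default)    REG_SZ    "%1" %*
HKEY_CURRENT_USER\Software\Classes\.exe
    (Default)    REG_SZ    secfile
HKEY_CURRENT_USER\Software\Classes\secfile\shell\open\command
    (Default)    REG_SZ    "C:\Users\alice\AppData\Local\av.exe" /START "%1" %*
'''

if __name__ == "__main__":
    for key, value in find_hijacked_handlers(SAMPLE):
        print(f"non-default handler: {key} -> {value}")
```

On a clean system the per-user keys are normally absent and the machine-wide values match the stock ones, so the function returns an empty list.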

How to prevent malware like Anti-Virus 2010 from infecting your computer

Here at NovaShield, we believe that a proactive solution like NovaShield Anti-Malware will complete the protection of your computer along with the other security products you have already installed. This is because NovaShield's approach aims at detecting and stopping new and unknown malware that tries to infect your computer, whereas the more traditional signature-based solutions try to protect your computer against known malware. Hence, when new malware such as Anti-Virus 2010 tries to spread itself, NovaShield will be able to detect and stop it before it infects your system. A picture is worth a thousand words: here are the actual scanning results from 42 different traditional AV products on the Anti-Virus 2010 sample discussed in this post. You will see that at the time of the scan only three AV products were able to detect this new virus.

How to remove Anti-Virus 2010 if your computer is already infected

NovaShield Anti-Malware can prevent rogueware like Anti-Virus 2010 from infecting your computer. However, if your system was already infected with this malware before NovaShield Anti-Malware was installed, you need to follow these instructions to remove the malware. Then, we recommend that you install NovaShield Anti-Malware to prevent future incidents like this.

