Re: Rogue Antimalware (FakeAV, 2013 year)

Posted: Fri Jun 21, 2013 3:03 pm
by Xylitol
Win32:Virut wrote: It's using ClamAV engine, and really detecting threats, but it's suspicious (it's using very similar interface to Winwebsec fakeavs)
the term 'steal' is probably more appropriate than 'use'

Re: Rogue Antimalware (FakeAV, 2013 year)

Posted: Sat Jun 22, 2013 3:59 am
by EP_X0FF
Win32:Virut wrote: AVASoft Professional Antivirus
http://youtu.be/e_1rj2Q-Bfg
hxxp://www18.zippyshare.com/v/79140735/file.html

It's using ClamAV engine, and really detecting threats, but it's suspicious (it's using very similar interface to Winwebsec fakeavs)
It is a common chameleon strategy of fakeAV; sometimes they really virus-scan... for Windows 9x malware.

Re: Rogue Antimalware (FakeAV, 2013 year)

Posted: Mon Jun 24, 2013 2:01 pm
by Xylitol
Ripped affiliate pages
[image]

Trojan-FakeAV.Win32.Agent.sio, Trojan-Ransom.Win32.Blocker.b

Posted: Tue Jun 25, 2013 7:21 pm
by Win32:Virut
Hi,

I need the following files:

665c14beef9b898889ce2a01e5746f9c
http://www.virustotal.com/file/05b7ab41 ... /analysis/
067979ead5f0c8e089f310b136df3cef
http://www.virustotal.com/file/0697130a ... /analysis/

Re: Trojan-FakeAV.Win32.Agent.sio, Trojan-Ransom.Win32.Block

Posted: Tue Jun 25, 2013 7:46 pm
by r2nwcnydc
Here you go.

Re: Rogue Antimalware (FakeAV, 2013 year)

Posted: Fri Jun 28, 2013 1:09 pm
by hx1997
56 Winwebsec

Re: Rogue Antimalware (FakeAV, 2013 year)

Posted: Mon Jul 01, 2013 5:09 pm
by Blaze
Internet Security

it is highly recommended that you activate WinPC Defender to assure that your PC works correctly and has no crashes
[image]

MD5: 71e05835e8e839ab0d79fac53935c6f7

Re: Rogue Antimalware (FakeAV, 2013 year)

Posted: Mon Jul 08, 2013 9:55 pm
by Cody Johnston
Internet Security fresh from today - same as above picture

VT 3/46:

https://www.virustotal.com/en/file/2ef2 ... 373317953/

MD5: 626f2a1faef09200a1bcb6e7e0685373

Re: Rogue Antimalware (FakeAV, 2013 year)

Posted: Sat Jul 13, 2013 9:02 am
by Win32:Virut

Re: Rogue Antimalware (FakeAV, 2013 year)

Posted: Sat Jul 13, 2013 10:28 am
by Win32:Virut
After removal:

[3 images]

You can use http://www.bleepingcomputer.com/download/fixexec/ (change extension to *.scr)