Infostealer.Shiz

Infostealer.Shiz is a Trojan that gathers sensitive data from a compromised computer and sends it to the malware author at a specified time. This Trojan also establishes a backdoor that allows a remote attacker to gain unauthorized access to the compromised system.

Antivirii 2011

Antivirii 2011 is a rogue security program that comes from NRB (Napalm Rogue Builder). This fake anti-virus application is usually hosted on various fraudulent web sites that provide a quick online virus scan once visited. In an analysis conducted by precisesecurity.com, these web sites opened a browser window that mimics the interface of Windows Explorer. However, the authors behind the attack integrate a virus scanner to deceive users and convince them to download the trial version of Antivirii 2011.

Backdoor.Pihar

Backdoor.Pihar is a Trojan that may infect the master boot record (MBR) of the target computer. Symantec and other anti-virus applications may detect the compromised MBR as Boot.Pihar. To allow unauthorized remote access, Backdoor.Pihar opens a backdoor and accepts commands from an attacker.

AV Secure 2012

AV Secure 2012 is just another clone of AV Security 2012. Both come from a family of rogue security applications that repeatedly clones and spreads similar harmful applications. AV Secure 2012 and AV Security 2012 are included in the inventory of fake security products that trick users in order to convince them to acquire the commercial version of the software.

Backdoor.Eminoc

Backdoor.Eminoc is a dangerous Trojan specifically created to modify certain Windows system files. The Trojan also opens a backdoor on the infected computer that may allow a remote attacker to execute malicious actions.

Win32.DNSChanger VJ.Trj

Win32.DNSChanger VJ.Trj is a harmful Trojan that modifies the infected computer’s Domain Name Server (DNS) settings in order to redirect traffic to predefined unwanted web sites. Win32.DNSChanger VJ.Trj may display advertisements on the compromised machine while the user is browsing the web.

Backdoor.Protucs

Backdoor.Protucs, also known as Backdoor.Protux, is a harmful Trojan that may allow a remote attacker to access the infected computer through a backdoor. When executed, the Trojan may contact a server to download additional malware.

Cloud AV 2012

Cloud AV 2012 makes Internet browsing a bit dangerous. This rogue is often hosted on legitimate web sites that were compromised by a Trojan. Users who bump into these sites may obtain the rogue application unexpectedly through the drive-by-download mechanism applied. Once Cloud AV 2012 is inside the system, it aims to manipulate and take control of the computer. For this reason, the malware modifies the system registry and drops additional harmful files in various locations. Cloud AV 2012 is capable of self-execution after Windows log-in. It initiates a virus scan and directly reports several threats as found on the computer.

System Fix and Computer Fix Virus

The System Fix virus and its clone, the Computer Fix virus, are some of the newest variants from the group of fake hard drive utility software. Each introduces itself as a program that can fix system errors and improve the performance of the computer once the full version is acquired.

AV Protection 2011

AV Protection 2011 is a virus, commonly known as a fake security program, that is spreading in the wild and infecting as many users as it can through various means. In this instance, we acquired the virus when the machine was infected with the Trojan. This Trojan handles a series of redirects until the browser obtains the AV Protection 2011 installation file from a malevolent web page. After the fake anti-virus is installed, it immediately terminates any running programs on the PC, including Internet Explorer. When the user attempts to run IE again, the malware blocks the process and issues a warning stating that the file is infected. Based on previous experience, we know that the false warning aims to deceive users so that they can be convinced of the hazard presently occurring on the computer.