Privacy Protection disguises as anti-virus software. Obviously, it is a member of a rogue family using the same console from older variants. With the rebirth of this new model, Privacy Protection demonstrate same old damages with new authority over other programs installed on the system. It blocks execution of any software and if you try, it will announce that the file is infected. The alert will contain this message:
Program.exe cannot start!
File Program.exe is infected by W32/Blaster.worm.
Please activate Privacy Protection to protect your computer.
We try to run anti-virus and anti-malware program to remove Privacy Protection, but the effort fails and attains the same faith as other software. The rogue program seems to be more forceful than other versions from the same family. In fact, even our self-made tools to counter it attacks are not that effective.
Trying to remove the virus remotely from another PC also did not work the way we expected it to be. Privacy Protection blocks local area network access and Internet connection probably to avoid remote removal as we plan to execute. On the Internet side, attackers behind Privacy Protection prepared the software to prevent the download of any security programs by blocking the Internet connection in general. Wherein previous release, the rogue software only prohibits access to security web sites through changes it applies to proxy settings of the Internet browser.
Screen Shot Image:
Technical Details and Additional Information:
Privacy Protection Is Also Detected As:
Trojan.Generic.KD.392989 (BitDefender), Heur.Suspicious (Comodo), Trojan.MulDrop2.54093 (DrWeb), DangerousObject.Multi.AMN!A2 (Emsisoft), Trojan.Generic.KD.392989 (F-Secure), Trojan.Generic.KD.392989 (GData), Trojan.Win32.Jorik.Fraud.hdm (Kaspersky), Sus/UnkPack-C (Sophos)
Damage Level: Medium
Systems Affected: Windows 9x, 2000, XP, Vista, Windows 7
Rogue program is the class where Privacy Protection belongs. Rogue is not typical virus that replicates once it infects the system. Privacy Protection does not spread on your hard drives, removable drives and network shares. It enters the system for the sole purpose of misleading users. Then, it sells the program in a fraudulent means.
Privacy Protection invades the computer through infected web sites that employs drive-by-download techniques. On other instances, Privacy Protection will spread as a fake software update that typically hides itself on fake Windows Accessories executable file like calc.exe, notepad.exe or cmd.exe.
Privacy Protection’s presence on the computer brings many irregularities. Your system may not function normally and in fact, it may not operate at all. After the infection, only software left working is Privacy Protection. It will scan the system and produces a bunch of false detection for several Trojans and viruses. Other misbehavior you may notice is excessive system tray alert that contains the following messages:
Malicious program has been detected.
Click here to protect your computer.
The fake anti-virus program also displays a series of fake alerts and warning messages inclduding the following:
Privacy Protection has found 1
useless and UNWANTED files on your computer!
Information on removal
Potentially dangerous files were found on your system during the last scan!
It is strongly recommended that you remote them immediately.