12345

2/02/2011

Fake Anti-Virus program, disguised as AVG's Anti-Virus SW, has been reported.

1. Introduction

Recently, fake Anti-Virus program is not new. One of fake Anti-Virus SWs, disguised as an AVG's, has been reported on spreading. Since, if a user who haven't used AVG's AV SW, he can be misleaded to install this fake ware.
Therefore, general users need to be careful on downloading and installation of this fake AV SW.

2. Spreading path and symptoms of infection

Lately found fake Anti-Virus SW can also download itself with the link through attachment of e-mail, accessing tampered web site, Twitter, and Facebook.


Downloaded Anti-Virus SW has its icon similar as real AVG product's icon. Besides having description of Dr.Web is a feature of this malware.

On executing this malicious file, it can induce user to install completely with showing "AVG Anti-Virus" logo as following.


After installation, this malware will show user fake diagnosis screen as following.


Clicking "Remove All" for treating, it will require "Activation code" for its activating.


Payment screen will appear on clicking "Activate" for getting "Activation code".


It can induce user to pay and make user inconvenience. When an infected user turns on his Internet Explorer window, following screen will appear and bother user to use internet on "about:blank"


Entering direct URL in URL field will show following screen.


Clicking "Fix now" for remove this symptom will appear another payment inducing window
.
After a period of time, you can see this update window.


Clicking "Update Now" for update will appear another payment inducing window.


It won't be removed even clicking "Close" on tray icon.


All of fake Anti-Virus softwares are inducing user to pay and can't treat from malwares.

3. How to prevent

Users who are familiar with various anti-virus SWs won't be induced from fake Anti-Virus SWs, however, general users can be induced and even infected.
To use PC safely from security threats of these malicious attachments, we recommend following "Security management tips" for general users.

Security management tips

1. Maintain the latest security update on OS and applications
2. Use anti-virus SW from believable security company and keep updating the latest engine and using real time detecting function
3. Do not see and download attached file from suspicious e-mail.
4. Keep caution to link from instant messenger and SNS.
5. Execute downloaded file after scan with anti-virus SW.

INCA Internet (Security Response Center / Emergency Response Team) provides diagnosis/treatment function with “nProtect Anti-Virus/Spyware” for detecting such as malicious file stated above and runs responding system against various security threats.

6 comments:

  1. Dear! It's my great honor to be on your blog,I benefit a lot from reading your blog.
    This ubuntu data

    recovery
    software also give me help .I want everybody to know it.

    ReplyDelete
  2. Wow, so thankful! I like your blog very much. By the way, you can choose some discount ray ban sunglasses here.

    ReplyDelete
  3. If you are interested in reputation management and participating in conversations in your market, then you should use iGoogle. Google has no end of free resources it seems, and this tool of theirs just might be the best.
    how to create gmail

    ReplyDelete
  4. Great information for antivirus. It is very helpful for me. Thank you so much.


    Antivirus Technical Support

    ReplyDelete
  5. To successfully figure out how to keep an infection and you have to see how you deal with your PC. A PC infection is a bit of programming, and is acquired through a download or connection that can demolish the usefulness or programming on your PC. zepto File Virus Removal

    ReplyDelete
  6. Easily secure Yahoo mail account data and password. Customer Support Number

    ReplyDelete