Posted by: secureitproduct | March 15, 2011

Increase in Rogue Virus Infections

March is turning out to be a very busy month for rogue virus infections. We are working hard every day to make sure we keep up with the influx of new variants getting through. The two infections hitting us the hardest right now are the fake AVG 2011 Trial Edition rogue and System Tool variants. Both are mutating code many times a day. We’ve added steps to increase the number of samples we receive from actual infected computers to get a better handle on these infections as they emerge.

Fake AVG Antivirus 2011

To better deceive computer users, virus creators are mimicking legitimate security software – in this case AVG 2011. This rogue uses the familiar AVG color scheme and icons, and pretends to scan and find malicious files on the computer. This infection will block you from accessing many functions of your computer. For example, you may be able to open your control panel but cannot open Add/Remove Programs. Often you will see this program start scanning your system immediately, while making sure you can see that it’s scanning. It will never stop producing fake alerts and fabricated virus scan results. A Trojan is also installed that modifies Internet browser settings and redirects the browser to malicious Web sites.

The infection originated from a hacking ring based out of Russia or Asia. This virus can typically be found on temporary Web sites, in infected e-mail attachments and in fake downloads. The only way to stop this virus program is to have it completely removed from your PC.

System Tool/Fake Microsoft Security Essentials

This rogue has been around for quite some time. The program displays false scan results in order to trick you into thinking that the computer is infected when, in reality, it’s being held hostage by that very program.

There have been many mutations of this rogue but for March 2011, the virus writers have decided to keep the same console and change the name. Here are a few examples from March:

To help stay protected, please be careful of e-mails from folks you don’t know and check that SecureIT is up to date!

