The Vundo trojan is now using Antivirus 360 in it's effort to scam money out of victims. The name is play off of Norton 360 it appears. Like all rogue antispyware products, the malware that found it's way on your computer is from the same group that is trying to sell you the solution.
Antivirus 360 removal guide found Bleeping Computer. Hijackthis log symptoms and files:
O4 - HKCU\..\Run: [13376694984709702142491016734454] C:\Program Files\A360\av360.exe
c:\Program Files\A360
c:\Program Files\A360\av360.exe
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 360.lnk
%UserProfile%\Desktop\Antivirus 360.lnk
%UserProfile%\Start Menu\Antivirus 360
%UserProfile%\Start Menu\Antivirus 360\Antivirus 360.lnk
%UserProfile%\Start Menu\Antivirus 360\Help.lnk
%UserProfile%\Start Menu\Antivirus 360\Registration.lnk
Thursday, December 11, 2008
Tuesday, December 09, 2008
Spywareinfo Domain Now Linking Rogues
The domain spywareinfo.com once was one of the main sites to help with stopping spyware and helping people remove spyware. Once a good source of information and news, it began a slow decline in 2006 when the owner Mike Healan disappeared from the net for personal reasons. The domain was bought recently and is now hosting links to undesirable removal programs, including Antivirus 2009.
Spywareinfo's legacy still lives on. The forums were moved to their own domain and can be found at spywareinfoforum.com . An archive of the old spywareinfo site can be found at spywareinfoforum.info. While archive of spywareinfo is mostly old and out of date, the forums are current , up to date and a good place to go if you need help.
More on the change of ownership of spywareinfo:
Warning at the spywareinfoforum site.
DSLreports security forums discuss the change.
Analysis of the new links.
Spywareinfo's legacy still lives on. The forums were moved to their own domain and can be found at spywareinfoforum.com . An archive of the old spywareinfo site can be found at spywareinfoforum.info. While archive of spywareinfo is mostly old and out of date, the forums are current , up to date and a good place to go if you need help.
More on the change of ownership of spywareinfo:
Warning at the spywareinfoforum site.
DSLreports security forums discuss the change.
Analysis of the new links.