A forum for reverse engineering, OS internals and malware analysis 

Forum for analysis and discussion about malware.
 #16380  by EP_X0FF
 Fri Nov 02, 2012 1:58 pm
devstaff wrote:Just me thats gets tired on Fake.Vimes fakeavs? Because there is so many versions of them:/
It because they all basically the same. Only redesigned GUI and randomized names. I remember 3 year ago I could go on MDL and download bunch of FakeAV's and most of them were totally different - different design (not only GUI), different distribution group etc. All ended in 2010. Now boring crap mostly from Severa and ko.
 #16388  by EP_X0FF
 Sat Nov 03, 2012 3:18 am
Xylitol wrote:
EP_X0FF wrote:Now boring crap mostly from Severa and ko.
Severa isn't in spam/pharma business ?
Security Shield type FakeAV associates for me only with this guy as it initial promoter. Dont really know if he still promotes it distribution directly like before. But yes you right, last time I saw it was speaking about spam services based on his own mailer :)
 #16410  by Malwarehunter
 Sat Nov 03, 2012 10:01 pm
Image
Kaspersky Internet Security 2013

tre.exe - Trojan.Win32.FakeAV.oddg

New malicious software was found in this file. It's
detection will be included in the next update. Thank you for your help.
Attachments
pw:infected
(397.72 KiB) Downloaded 96 times
 #16440  by gied
 Sun Nov 04, 2012 10:36 pm
Win32:Virut wrote:Hello,

XP/Vista/Win 7 Antispyware Pro 2013
It launches antivirus Pro 2013 version for me, not antispyware ?
 #16441  by Cody Johnston
 Sun Nov 04, 2012 10:47 pm
gied wrote:
Win32:Virut wrote:Hello,

XP/Vista/Win 7 Antispyware Pro 2013
It launches antivirus Pro 2013 version for me, not antispyware ?
This one has random names. Sometimes may be slightly different than what was originally posted. Still same infection though.
  • 1
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46