Rogue AV: Antivirus Plus
Posted by Steve Espino on July 30, 2009
Here’s another Rogue AV using the same animated system scan on the internet browser as the one in a previous post
In some instances, Antivirus Plus uses this animated scan instead:
It also uses one of those warnings that look oh so genuinely sincere:
Then of course downloading and installing the rogue app give us the usual scan results:
Here’s a list of domains currently serving this rogue app:
hxxp://adoimi.cn
hxxp://yourguardpro.cn
hxxp://yourcheckpoisonpro.cn
hxxp://yourfriskviruspro.cn
hxxp://antivirusplus09.com
hxxp://antivirusplus-ok.com
hxxp://addedantiviruspro.com
Because of the same animated system scan that they use, I reckon System Security and Antivirus Plus are two related rogue apps.
Rouge AV Clone: Windows Protection Suite « R3v3rs3e's Blog said
[...] uses the same tactic as seen on earlier posts here and here where the website claims to scan the unsuspecting user’s computer, detects heaps of [...]
MaCatte scareware fools users by masquerading as McAfee « R3v3rs3e's Blog said
[...] has been seen to be using a bogus My Computer online scan similar to ones we’ve seen here, here and [...]