bdoriano
Amministratore
Registrato: 02/04/07 11:05
Messaggi: 14301
Residenza: 3° pianeta del sistema solare...
|
 Inviato: 28 Nov 2008 17:15 Oggetto: Rogue Antivirus: VirusRemover 2008 |
 |
|
Ciao a tutti,
oggi mi sono imbattuto in questo nuovo (per me) rogue antivirus.
Mentre stavo sistemando un pc, mi si è aperta una pagina web che puntava all'indirizzo: h**p://it.virusremover2008flash.com/ che mi visualizzava tutte le infezioni (fasulle) presenti e tentava di farmi scaricare un fantastico prodotto (il finto antivirus).
Vi riporto il codice HTML della pagina principale:
| Codice: | <!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8">
<title>VirusRemover2008</title>
<link href="styles.css" rel="stylesheet" type="text/css">
<script>p="site";</script>
<script language="javascript" type="text/javascript" src="/js/settings.js"></script>
<script language='javascript' type='text/javascript' src='/js/params.js'></script>
<script language="javascript" type="text/javascript" src="/js/managers.js"></script>
<script language="javascript" type="text/javascript" src="/js/index.js"></script>
<script language="javascript" type="text/javascript" src="/js/crypt.js"></script>
<script language="javascript">
function linka()
{
document.getElementById("download").href = 'http://' + document.location.host + SECURE_INSTALLERS.VRM_EN_SETUP_FREE + '?a=site&l=load&f=' + param['f'] + '&p=site&mt_info=' + param['mt_info'] + '&sub=' + param['sub'];
}
</script>
<script type="text/javascript" language="JavaScript">
try{
x=screen.width;
y=screen.height;
moveTo(0,0);
resizeTo(x,y);
} catch(e){}
</script>
</head>
<body>
<div class="main">
<div class="header">
<a href="/" class="logo" title="VirusRemover 2008"></a>
<a href="/" class="box" title="VirusRemover 2008"></a>
<div class="menu">
<a href="index.html" id="active" class="punkt home_a" title="HOME">
</a>
<a href="about.html" class="punkt about" title="ABOUT PRODUCT">
</a>
<a href="/2009/order/index.html?a=site&l=pay&p=site&addt=bXRfaW5mbz1rZXlpbiZzdWI9c2Rz" class="punkt buy" title="BUY NOW">
</a>
<a href="faq.html" class="punkt faq" title="FAQ">
</a>
</div>
<div class="header_text">
<div class="keep">Keep you PC from spies with a brand new VirusRemover 2008</div>
<div class="make">
Make the switch to VirusRemover 2008 and enjoy your system work without any influence of spyware and viruses Solutions for:<br><br>
<div class="point"></div><div class="point_text">Home and Office</div>
<div class="point"></div><div class="point_text">Small and Medium Business</div>
<div class="point"></div><div class="point_text">Enterprises</div>
<div class="point"></div><div class="point_text">Technology licensing</div>
</div>
<a class="try_free download_link" id="download" title="TRY FREE" onClick="linka();" style="cursor:pointer;"></a><a href="/2009/order/index.html?a=site&l=pay&p=site&addt=bXRfaW5mbz1rZXlpbiZzdWI9c2Rz" class="buy_now" title="BUY NOW"></a>
</div>
</div>
<div class="right_block">
<div class="virus">
<div class="virus_text">VIRUS WATCH</div>
</div>
<div class="latest">
<div class="latest_text">latest <strong>threats</strong></div>
</div>
<div class="gray_line"></div>
<div class="gray_line_tile">
<div class="spyware_text">
Spyware.Wather.ic
Spyware.CreditCarder.y
Adware.Clicker.P2.e
Adware.TrojanFactory.f
Spyware.Zlob.di
</div>
</div>
<div class="gray_line_footer"></div>
</div>
<div class="left_block">
<div class="home_left">
<div class="home_header">
<div class="faq_header_text">Key features</div>
</div>
<div class="home_tile">
<div class="home_text">
<strong>Spy and Adware Protection</strong> detects and erases all types of spyware which penetrates and tracks your PC's online activities. <br><br>
<strong>Configurable Spyware Scanner</strong> Fully configurable scanner to keep your system safe and secure. <br><br>
<strong>Controls your PC Monitors</strong> your PC's log files and gives the necessary information required to determine which applications are authorized to be run on your PC.<br><br>
<strong>Stops privacy violation</strong> also detects and removes all types of marketing software as well as any existing malware infecting your PC. <br><br>
</div>
</div>
<div class="home_footer"></div>
</div>
<div class="home_right">
<div class="home_text1">
<div class="yellow_ball"></div><strong>How VirusRemover 2008 can help you?</strong> <br><br>
VirusRemover 2008 is designed to provide you with the highest level of protection against malicious spyware and malware including keyloggers, hijackers and downloaders.<br><br>
VirusRemover 2008 technology protects you from both known and emerging threat variants and gives you real-time protection for your computer with our advanced XP antivirus Guard real-time monitor.<br><br>
Keep your computer free from trojans, spyware, adware, worms, keyloggers, rootkits, dialers and other malicious programs!<br><br>
<div class="yellow_ball"></div><strong>Why spyware is dangerous?</strong><br><br>
Spyware is the most prevalent threat to online computer privacy and security.It is installed on your computer through websites, SPAM and as hidden additions to legitimate programs you install.<br><br>
Spyware brings lots of damage in the sense of data confidentiality. Spyware programs register every user step, both inside the system and in the Internet. All information is delivered to the malefactor who collects data in his, not your, interest!
</div>
</div>
</div>
<div class="footer">
<div class="footer_text">
<a href="contactus.html">Contact us</a> | <a href="terms.html">Terms and conditions</a> | <a href="privacy.html">Privacy policy</a> | <a href="license.html">License Agreement</a>
</div>
</div>
</div>
</body>
</html> |
Ho voluto provare a scaricare il file proposto (di dimensione 870KB circa) e ho ottenuto i seguenti messaggi di errore:
- NOD32: Win32/Genetik trojan
- AntiVir: ADSPY/AdSpy.Gen
Ho inoltre sottoposto il file a un controllo sul sito VirusTotal.
Quindi, stateci alla larga!!!  |
|
FAQ
Cerca
Lista utenti
Gruppi
Registrati
Profilo
Messaggi privati
Log in
