Lavasoft Affiliates

Lavasoft Affiliate Program

Lavasoft Malware Labs; New Rogue Alert: Green AV

Lavasoft Malware Labs has spotted a new rogue application called Green AV. It will give exaggerated threat reports on the compromised computer, then ask the user to purchase a registered version to remove threats which don’t exist.



27/08/2009 Posted by | 1 | , , , , , , , , , , , | Leave a comment

The Implications of an Infection; Lavasoft Malware Labs

The” average Joe” probably sees the word “virus” as a generic term for all current threats out there in the wild. The reality is much different. There are a lot of categories which must be mentioned in this context.  The word “virus” should not be used as a catchall term for malicious infections. A virus is actually a malicious file which has the ability to infect/add malicious code to other files; we currently see a downward trend of this type of infections. A user faces a higher probability of being affected by Trojans.  Trojans work “independently” and may:

* Run as a process in the background all the time without the user’s consent.

* Open up backdoors (Ports).

* Download additional payload (new malicious files).

* Collect confidential information.

* Make changes in Windows Registry, to start up automatically after reboot.

* Hide behind legitimate applications to avoid visibility.

Trojans will not infect/add malicious code to other existing files on the system.

Lavasoft Malware Labs currently uses a group of descriptions to diverge between infection types:

MalwareAdwareSpywareFraud ToolToolbarVirusMonitoring ToolVulnerability,DialerWorm and Exploit.

Our various descriptions are used to make users aware of the type of infections they may have on their systems.

Anti-spyware products are nowadays both a First Line of Defense (FLoD) and Second Line of Defense (SLoD) for the groups mentioned above, besides providing virus detection. Anti-virus products mainly focus on a FLoD for viruses and malware but also use a SLoD to take care of “some” of the remediation. FLoD (RP) prevents an infection from taking place. The SLoD (the scanner) is able to scan the hard drive and find malicious files and make a “nice” clean-up of the system (Windows Registry, links, folders, host filecookies, etc.). The SLoD is useful if users execute previously undetected malware on their system. It’s obviously recommended to have both anti-virus and anti-spyware protection installed on your OS for optimal safety.

Remember, if you get infected by a worm or adware application, it’s not a VIRUS!

Albin; Lavasoft Malware Labs

23/06/2009 Posted by | 1 | , , , , , , , | Leave a comment