Thursday, August 26, 2010

Peak Protection 2010

Peak Protection 2010 is in the FakeRean family of rogue security products. VIPRE detects it as Trojan.Win32.Generic.pak!cobra. Like all rogues, it does a fake scan of your computer then tells you it has found malicious code. It requires you to pay for the fake software before it “cleans” your machine of the fictitious infections.

(click to enlarge graphic)

One way (there may be others) that Peak Protection 2010 is delivered is through a phony “Microsoft Security Essentials Alert” which is displayed by a Trojan.

Basically, it mimics the idea of VirusTotal, (http://www.virustotal.com/ ) a site which enables you to see how 40 legitimate security companies identify a sample of malicious code that you submit.

The downloader copies itself into multiple folders under different names. After five to 15 minutes it generates a fake alert pop-up window:

(click to enlarge graphic)

If you click ANY of the four buttons on the scary “Potential threat details” screen, it takes you to a web site that shows you how different anti-malware products allegedly identify the malware that is (not really) on your computer. It includes a long list of legitimate ones, which, oddly enough find no infection on your machine.

However, the display shows that some of them -- all of which are rogues -- have identified malicious files. They have a “free install” button listed next to their names. Clicking on the buttons installs the rogues.

(click to enlarge graphic)

To Remove Peak Protection:

If Peak Protection 2010 has infected your PC, you should remove it immediately. Click here to use VIPRE to remove Peak Protection 2010 from your computer now.

No comments:

Post a Comment