Thursday, August 26, 2010

Pest Detector 4.1

Pest Detector 4.1 is in the FakeRean family of rogue security products. VIPRE detects it as Trojan.Win32.Generic.pak!cobra. Like all rogues, it does a fake scan of your computer then tells you it has found malicious code.

(click to enlarge graphic)

It requires you to pay for the fake software before it “cleans” your machine of the fictitious infections.

(click to enlarge graphic)

One way (there may be others) that Pest Detector 4.1 is delivered is through a phony “Microsoft Security Essentials Alert” which is displayed by a Trojan.

Basically, it mimics the idea of VirusTotal, (http://www.virustotal.com/ ) a site which enables you to see how 40 legitimate security companies identify a sample of malicious code that you submit.

The downloader copies itself into multiple folders under different names. After five to 15 minutes it generates a fake alert pop-up window:

(click to enlarge graphic)

If you click ANY of the four buttons on the scary “Potential threat details” screen, it takes you to a web site that shows you how different anti-malware products allegedly identify the malware that is (not really) on your computer. It includes a long list of legitimate ones, which, oddly enough find no infection on your machine.

However, the display shows that some of them -- all of which are rogues -- have identified malicious files. They have a “free install” button listed next to their names. Clicking on the buttons installs the rogues. (Pest Detector is lower on the screen and not shown.)

(click to enlarge graphic)

To Remove Pest Detector 4.1:

If Pest Detector 4.1 has infected your PC, you should remove it immediately. Click here to use VIPRE to remove Pest Detector 4.1 from your computer now.

No comments:

Post a Comment