AVSystemCare is it a virus or antivirus

Today while visiting a site I was greeted with this screen. I was sure I had just opened a story on digg and the site it was pointing to also seemed legit. There was nothing to suspect but I just could not see how this was possible. I had seen a video yesterday about a similar attack using the doubleclick adverts network. But on that page I did not see any adverts being served by them, so possibly there is another network that is being used to get the adverts on the web pages.

After looking and snooping for a while I got the URL's from where the ads were being served. To see how it looks like you can copy the URL and see for yourself how the social engineering attacks work. Just make sure your browser is fully patched. Also make sure you don't download/run the executable that is shoved down your throat.
http://avsystemcare.com/data/?mtrt=avds22&gai=swmid&gli=2822_ao_3923_0_758_ao_&gff=pp_240877101&ex=1&ed=2&h=10&ax=1&ed=1&ex=1&mtrt=null&45080703&mt_info=3923_0_758
http://avsystemcare.com/data/index.php?52545a0d4647545e006e191c6a5258675351060714535a080b0a0f035139030b6a060a02066f09685304593b5458691e5352040b4244695302080f065457525513525f5108011f5008545c5513500b0c0712055e0f05064755550a00
http://85.255.115.218/ind.htm?src=409&surl=environmentalgraffiti.com&sport=80&suri=%2Findex%2Ephp%3Fp%3D484

Comments

Anonymous said…
This is definitely not good for your PC.
I am using a fully patched Ubuntu laptop, yet it still claims it is 'scanning' my C:\windows folder. There isn't one so it must be lying.

Also it may not have been put on your PC by the site where you saw it.

Ditch IE (ideally and Windoze) and this will not happen anymore.

- i have been virus free since day 1 of linux.
10:50 PM
Post a Comment

Popular posts from this blog

The best mobile development platform for hobbyist programmer

This is something I have been thinking for a while so here it goes. This is a list of platforms I know of and my choice of what makes sense for a hobbyist programmer like me. Let me first list down all the possible platforms and then list down the pros and cons that I feel are associated with each platform. Java ME (The platform formally known as J2ME) Windows Mobile Linux Palm Brew Symbian Blackberry iPhone iPhone Let me start with iPhone the darling of the media and blogger's till about a fortnight. I had real expectations from iPhone as a platform but the way its been going so far I would never bother developing for it. Officially there is no SDK with which one can build applications. What ever tools the community had built have been rendered useless with the iPhone 1.1.1 software upgrade . The community might be able to hack a version for 1.1.1 but without any support from almighty apple its just a cat and mouse game. With every minor release the applications
Read more

Using Voicemail with Airtel Prepaid Karnataka

Call  *321*671# to activate the service on your phone. It will ask you for permission if you want to enable it. To customize the account dial 52555 To disable voicemail dial *321*673# You can also activate it by sending out a SMS Send START VMS to 54321 for activation  Send STOP VMS to 54321 for de-activation  This post if for my own reference. If you have any questions leave a comment and if I know about it I will try and answer it.
Read more

And yet more invites for joost

UPDATE: I have given out all of them, if I get anymore I will send them across. I have more invitations for joost incase you are looking for one just leave a message on meebo or leave your email address in the comments and I will send you an invite. Incase you leave your email address in the comments please don't write it in plain text. Use this format xyz(at)emailprovider.com instead. Technorati Tags: joost , invite , tv
Read more