System Doctor 2014: A fake AV for the upcoming year
Posted on 03.07.2013
In an effort to keep one step ahead of security solutions and attentive users, peddlers of fake AV solutions often change the name of the malware they are trying to sell.

Researchers from Microsoft's Malware Protection Center are warning about the latest two instances: System Doctor 2014 and System Care Antivirus.

These are two variants of the same malware - detected by Microsoft as Winwebsec - but with a different look / user interface.

"While there are differences between the two Winwebsec variants, they also have a number of behaviors in common: both have used the same custom obfuscation in an attempt to avoid detection by antimalware products, both use a similar request format when sending details of their installation to the distributors' server, and both attempt to prevent all other programs from running apart from a few that appear on a specified whitelist," the researchers point out.

Also, both variants use the same activation code.

The System Care Antivirus is an older variant that has been around for a while now. Even thought Winwebsec creators obviously wanted to snag those customers that can be swayed by the "2014" in the newest offering's title, System Care Antivirus is still the dominant one because System Doctor 2014 stops running if it detects it on the target computer.

It's also interesting to note that System Doctor 2014 does not behave like your typical fake AV solution, as it seemingly does clean some of the "found" threats but, alas, it's not able to clean them all. For that, users will have to pay up.

Once the activation code (AA39754E-715219CE) is inserted and the rogue AV's "full" version is activated, it reports that the cleaning has now been completed. The good news is that it now stops trying to block other programs from running, and you can (and should) now easily use a legitimate AV solution to remove it from your computer.


Almost 1 in 10 Android apps are now malware

Posted on 28 July 2014.  |  Cheetah Mobile Threat Research Labs analyzed trends in mobile viruses for Q1 and Q2 of 2014. Pulling 24.4 million sample files they found that 2.2 million files had viruses. This is a 153% increase from the number of infected files in 2013.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.


Tue, Jul 29th