Home Malware Programs Rogue Anti-Virus Programs Anit-Virus Scanner

Anit-Virus Scanner

Posted: May 18, 2012

Threat Metric

Ranking: 864
Threat Level: 2/10
Infected PCs: 155,087
First Seen: May 18, 2012
Last Seen: October 17, 2023
OS(es) Affected: Windows

Anit-Virus Scanner is an unusually flexible type of rogue anti-virus scanner that's designed for Android mobile phones. Unlike most types of scamware that pose as fake security tools, Anit-Virus Scanner doesn't attempt to acquire money in a fake registration process – instead, Anit-Virus Scanner hijacks your phone and uses SMS premium messages to collect revenue without your consent. Clicking Anit-Virus Scanner's download link on a PC will cause you to download a (currently) non-functioning Java file, but downloading Anit-Virus Scanner onto a phone will cause your phone to be infected with one of multiple variants of Anit-Virus Scanner, all of which contain the same attacks with different forms of obfuscation to defeat anti-malware security. These download links are hosted on a Russian website that SpywareRemove.com malware researchers have noted to be promoted via social networking links, most prominently including Twitter.

Why Deleting Anit-Virus Scanner from Your Phone Should Be an Easy Decision

Anit-Virus Scanner, like other types of rogue anti-virus products from its family, FakeSpyPro, doesn't have any form of genuine anti-virus or other security-related functions. Instead of such benign services, Anit-Virus Scanner only offers exploits and vulnerabilities that criminals can use to exploit your phone for illegal purposes. Attacks that SpywareRemove.com malware research team has linked to Anit-Virus Scanner and similar PC threats include:

  • Automatic SMS messages that are sent to premium-rate services; these attacks create a semi-passive revenue stream for Anit-Virus Scanner's criminal partners – at your expense. Careful monitoring of your mobile phone charges may allow you to catch Anit-Virus Scanner's behavior before the expenses become significant.
  • Modifying your phone's settings to reduce its security and prevent you from removing Anit-Virus Scanner (such as disabling sleep mode).
  • Contacting a remote server that can enable Anit-Virus Scanner to transfer personal information or download other PC threats onto your phone (similar to a backdoor Trojan).

Ending Anit-Virus Scanner's Cold War on Your Phone

Given that both Anit-Virus Scanner's website and its own interface use Cyrillic text, PCs based in Russia and nearby countries can be considered particularly at risk for possible Anit-Virus Scanner infections. Anit-Virus Scanner website links are distributed via social networks like Twitter, often with misleading messages such as 'sexi gerl see.' Other PC threats that are also promoted on the same site include fraudulent updates for web browsers and instant messengers.

Because Anit-Virus Scanner is polymorphic and can vary its fingerprints to evade detection, you should be careful about any interaction with files from sites that have any resemblance to the above description. If you need to delete Anit-Virus Scanner from your phone, SpywareRemove.com malware analysts still suggest the use of suitable anti-malware products, although they may require updates or other safety measures before they can completely identify Anit-Virus Scanner or other members of its family, the FakeSpyPro family, such as Spyware Protect 2009, Antivirus System Pro, Security Central, Antivirus Soft, Antivirus Suite, AntiSpyware Soft, Antivir Solution Pro, Security Suite, Malware Destructor 2011, Antivirus Scan, Antivirus Action, PC Security 2011, Antivirus .NET, AntiVira Av, AntiMalware GO, Antivirus Monitor, Antivirii 2011 and AnVir Security Suite.

Technical Details

Additional Information

The following URL's were detected: