Trojan-FakeAV.Win32.Agent.dqs
Posted: April 19, 2012
Threat Metric
The following fields listed on the Threat Meter containing a specific value, are explained in detail below:
Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.
Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.
Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.
Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.
% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.
| Threat Level: | 2/10 |
|---|---|
| Infected PCs: | 15 |
| First Seen: | April 19, 2012 |
|---|---|
| OS(es) Affected: | Windows |
Trojan-FakeAV.Win32.Agent.dqs is a new rogue security program that's distributed by extremely aggressive (with some links being sent out as often as eight times per second) Twitter spam campaign. Links for Trojan-FakeAV.Win32.Agent.dqs also use Black Hole Exploit Kit attacks to assist with Trojan-FakeAV.Win32.Agent.dqs's installation and will display fake security warnings about PC threats that are (not, in reality) on your computer. Simple caution around suspicious links from unusual sources can help to prevent Trojan-FakeAV.Win32.Agent.dqs attacks, and SpywareRemove.com malware researchers particularly urge you to view unusual security alerts and online system scanners with a high level of caution. Fake alerts and other types of fraudulent security functions from Trojan-FakeAV.Win32.Agent.dqs are incapable of assisting your PC, and Trojan-FakeAV.Win32.Agent.dqs should always be considered a threat to be removed once you can enact a system scan with a preferable brand of anti-malware product.
Trojan-FakeAV.Win32.Agent.dqs: Just the Latest Hoax of a Trend on Twitter
Trojan-FakeAV.Win32.Agent.dqs is just one of several scamware-based PC threats that have been distributed in recent Twitter attacks that spam links in high volumes. These links are identifiable by their tw1.su and .tk domain suffixes, as well as their brief text messages, as noted in the following examples:
@[random Twitter user] "goodwood" [Malicious URL] online virus check
@[random Twitter user] "ion" [Malicious URL] proven anti-virus
@[random Twitter user] "goldfish" [Malicious URL] excellent anti-virus
Once clicked, these links load one of various websites that host Black Hole Exploit Kit-based attacks. SpywareRemove.com malware experts also note the inclusion of fake security pop-ups and system scanners that pretend to find PC threats on your computer (a typical method for distributing scamware like Trojan-FakeAV.Win32.Agent.dqs). Taking these fake security warnings at their word will install Trojan-FakeAV.Win32.Agent.dqs or a related rogue security product like X on your PC. SpywareRemove.com malware experts note that this Twitter spam campaign is ongoing and has already achieved over four thousand estimated individual 'tweets' from hundreds of different users.
What to Do When Twitter's Gab Turns into Trojan-FakeAV.Win32.Agent.dqs's Fake Security
Although Trojan-FakeAV.Win32.Agent.dqs is sufficiently new that SpywareRemove.com malware research team has yet to finish a full analysis, like other rogue anti-virus programs, Trojan-FakeAV.Win32.Agent.dqs creates fake system information in its attempts to steal money and financial information. Trojan-FakeAV.Win32.Agent.dqs may create inaccurate system scans, display pop-ups about attacks or PC threats that aren't real, redirect your browser away from PC security sites or block security-related applications. Trojan-FakeAV.Win32.Agent.dqs should never be considered to be a genuine or useful security program, and it's encouraged for you to delete Trojan-FakeAV.Win32.Agent.dqs with anti-malware products once you catch notice of its existence on any PC.
Scans to detect Trojan-FakeAV.Win32.Agent.dqs may display Trojan-FakeAV.Win32.Agent.dqs by other names, including Win32/Kryptik.AEHN and FakeAV_s.E. Most anti-virus companies developed a definition for Trojan-FakeAV.Win32.Agent.dqs in April of 2012, and SpywareRemove.com malware researchers especially encourage you to update your anti-malware applications if they're using databases that are older than Trojan-FakeAV.Win32.Agent.dqs's origin date.
Leave a Reply
Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter . If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.