Pest-Patrol
Pest-Patrol is a new rogue security application. Not to be confused with the Legitimate PestPatrol from CA (Currently CA Anti-Spyware). Dancho Danchev reported about this rogue a week ago here.
Site Name: Pest-Patrol.com
IP Address: 85.255.121.181
Site Name: Pest-Patrol.com
IP Address: 85.255.121.181
Screenshot of Pest-Patrol.com site
Screenshot of Pest-Patrol application
The rogue also installs a malicious BHO along the application.
BHO Details:
Filename: IEWarning.dll
Objest Name: WarningBHO
Hijack this entry:
O2 - BHO: WarningBHO Class - {56FA7933-DC3E-403b-8D47-BB5E3F345A21} - C:\Program Files\Pest-Patrol\IEWarning.dll
The BHO blocks navigation in IE and displays the following screen (Reported Insecure Browsing Navigation blocked) nagging users into purchasing Pest-Patrol rogue application.
BHO Details:
Filename: IEWarning.dll
Objest Name: WarningBHO
Hijack this entry:
O2 - BHO: WarningBHO Class - {56FA7933-DC3E-403b-8D47-BB5E3F345A21} - C:\Program Files\Pest-Patrol\IEWarning.dll
The BHO blocks navigation in IE and displays the following screen (Reported Insecure Browsing Navigation blocked) nagging users into purchasing Pest-Patrol rogue application.
Currently none of the AV/AS vendors detects this Pest. Stay away from this site.
Bharath M N
Bharath M N