Selasa, 18 Februari 2014

Baidu PC Faster Foistware (Trojan.Generic.9038304), Parasites The Log Ride Free Program Computer Through Your Favorite!

You've encountered a sudden your computer desktop appears suddenly you need a program that does not / want? programs offer cleaning of temporary files or promise to improve computer performance even tell you that your computer is in danger of malware attacks / computer viruses, so you need to activate / The program update? Hat - heart, your computer is infected Foistware, try to remember if you have previously installed a software? Is it Foistware, dangerous are? Let us learn to know him!

Foistware, unwanted intruders.

Foistware is generally unwanted programs are installed automatically along with other programs, generally a popular freeware. The goal is to foistware instal himself financially benefit from the computer installed and is generally done by way of replacing the default search engines (Google, Bing or other) with search engines foistware affiliated with the manufacturer so that the results of the search ads that do computer users will go into the pockets foistware maker. In its action, prioritizing foistware display of search results the highest paying ad and not prioritizing the accuracy of search results. In many cases foistware directing victims to a site that contains malware and obviously harm the victim. Unfortunately again, this foistware still be languishing on the victim computer even if the host is already in the freeware uninstall and wet like a lizard stuck in the window, a lot of hard foistware uninstalled and requires a special effort to be cast out of the computer. In early action, programs such as Adobe Acrobat, Skype and Java are often boarded foistware. But since getting a lot of complaints from users and the application maker security practitioners began riding program selects and rejects foistware despite their huge potential revenue loss from foistware the ride. Because it happens foistware transfer to another popular freeware from vendors outside the popular freeware application above. One of the very many freeware sites containing foistware is Some popular foistware is babylon search, search delta, and the last is Baidu PC Faster by G Data detected as Trojan Generic.9038304 .

Outsmart EULA Dialog Box

Bluestacks Android emulator is a program that allows a computer with a Windows OS to install and run Android applications. This program is very popular and is used by Windows users belonging to the freeware. If you download and install the Bluestacks as done by the laboratory team Vaksincom, most likely you will get other unwanted programs (Foistware) which will come installed along with Bluestacks. One of them was detected by G Data Antivirus Client Security as Trojan.Generic.9038304 (see figure 1) and better known as Baidu PC Faster.

Figure 1, G Data Antivirus detects Baidu PC Faster as Trojan.Generic.9038304

If you are careful enough, at the time of initial installation Bluestacks, strangeness began to appear. Typically, before you install any application potential users must approve the application prior EULA (End User License Agreement) that contains the rights and obligations of the user settings and application developers. Typically, applications that users rarely read the craft slowly EULA completely before clicking the [I Agree] and tend to be instantly approved. Perhaps the reason is that the length of the EULA, which in English legal language and format.

Here Faster PC running one trick where, Baidu PC Faster installation approval together with the approval of the EULA. So if a potential application users agree with the EULA and do a check in the box provided, then automatically he approved of Baidu PC Faster installation so that there is no violation of the law by this Foistware. (See figure 2)

Figure 2, EULA Agreement BlueStacks is installed together with the approval of Baidu PC Faster

After the computer restarts, automatically Baidu PC Faster Application will perform and carry out the action. put himself on the Windows desktop on (see figure 3)

Figure 3, Application Baidu Desktop PC Faster in Windows

You can see this malware temporary files in C: \ Users \ computername \ AppData \ Local \ Temp (see figure 4)

Figure 4, Malware Trojan.Generic.9038304 said Local Temporary

If you are using G Data Antivirus, Baidu PC Faster application is opened, it will be stopped and detected by G Data as Trojan.Generic.9038304, see figure 1 above. Conversely, if your antivirus program to allow this application is running, then you will get a view that is quite interesting as in Figure 5 below.

Figure 5, Display Applications Baidu PC Faster

Faster PC application is actually quite useful, it will monitor the security level of the computer, see if there are vulnerabilities that have not been patched and also make improvements and increase the speed of the computer system. The problem is, aside from the positive function earlier, Baidu PC Faster perform other actions to change the browser / Browser to change the search engine installed on your browser into a search B1. If you use Google's search engine, which display the previous Google Search ( will turn into (See figure 6)

Figure 6, the default search engines you will be replaced by B1

When you are trying to find some information he would give favorable results of this malware makers and most likely differ from that given by your default search engine. In comparison Vaksincom lab to search by keyword Download youtube videos (see figure 7)

Figure 7 Comparison of the results with the Google search engine Bi..

The results provided by the search B1 does not provide direct where or how to download you tube videos searched, even display ads that force matched and matched with a keyword search that we do. In this example there are 3 additional ads that appear in connection with the search download youtube videos are, and who obviously has nothing to do directly with the download youtube videos. Advertisers will pay money to B1 if the ad is clicked link. As we all know, is a program Mobogenie PUP (Potentially Unwanted Program) 20PUP/mobogenie% 20PUP.html.

Installed Mobogenie

This application will also install an Mobogenie this on your device. (See figure 8)

Figure 8, which is in the Applications Mobogenie installed malware

According to testing conducted by laboratories malware Vaksincom, this application is actually similar to Google Play and in general does not have a malicious payload. However, according to the observations of some malware sites, Mobogenie application for Windows classed as Potentially Unwanted Programs PUP

Mobogenie has two versions, the version of Windows that can be instalkan on the computer and the version of Android that can only be installed on Android devices. Mobogenie version of Windows that is usually classified PUP menginstalkan join him along with other freeware and in testing conducted by Vaksincom, Mobogenie and Baidu PC Faster you install themselves along with Bluestack freeware program.

Windows Mobogenie most financial benefit using OpenCandy, the Quick Downloader and Conduit bundled with popular freeware. Mobogenie for the PC can be used to transfer images between PCs with smartphones. In many cases computer users who installed Mobogenie not feel install this program and I know it was in the machine. Mobogenie not categorized as virus but it does not have a lot of fun activities / malicious such as rootkits that embed themselves deeply into the operating system so it is very difficult to be uninstalled, browser hijacking and user experience to intervene on his behalf. So more appropriately categorized as PUP Potentially Unwanted Programs.

If you are using Baidu PC Faster and not bothered with the changes made on the search engines, should not be too concerned as long as your system is protected with a good antivirus. But if you want to eliminate Baidu PC Faster from your system, try to follow the steps below.

Removes Baidu PC Faster and Mobogenie of computer

  1. Click [Start], select [Control Panel]
  2. Pilih [Programs and Features] Windows 7 atau [Add or Remove Programs] Windows XP.
  3. Select Baidu PC Faster and double-click to delete or removing Baidu PC Faster (see Figure 9)
  4. Restart computer
Figure 9, Display Baidu PC Faster and Mobogenie in Programs and Features

How to restore the browser settings

To change the look of your browser back to normal, you need to access the settings in your browser. In this example Vaksincom using Google Chrome.

  • Select Settings Extensions by type: chrome :/ / extensions in the address bar and search Google Chrome browser extension with the name Improved Search 1.2 (see figure 10)

Figure 10, which replaces the Extension Improved Search Google Search

  • Eliminate Improved Search 1.2 by clicking on the image bins (remove from Chrome) on the line to the right (see figure 11)

Figure 11, click the trash can to dispose of unwanted Extension

  • Restart browser.

To restore the default search engine to Google (assuming you eingine default search is Google), do the following:
  • Select Settings on the Google Chrome browser by typing: chrome :/ / settings in the address bar. (See figure 12)
  • In Search subpart click the drop down box and select Google.
  • Clicks Done
  • Finish

Figure 12, Setting engines in Browser

  • The default search engine you will get back into Google. (See figure 13)

Figure 13, the default search engine would return to Google

Source :

Tidak ada komentar:

Posting Komentar