A new rogue called "Antivirus 360" quite possibly is one of the most annoying smitfraud cases ever created by cyber criminals. This scam possesses a double advantage over the majority of other "smitfraud software". First, it's titled similar to worldwide known Norton 360 Security package. Second, websites that are involved in promoting this scam, proudly claim to have been awarded by various reputable online magazines and also display the logo "ICSA Labs test passed".



It's fair to say this piece of malware is highly unwanted on any computer. By auto-running at system start-up, Antivirus 360 will display results of a fake scan where experienced Windows users will find crucial Windows system files marked as "malicious" and "harmful" threats. But this approach combined with sleek resemblance to Norton trademark works like a charm: people easily fall for warnings and pop-ups, and willingly pay for "full licenses" which are sold at "discount prices". Scammers who created Antivirus 360 aren't humble in asking for money: they charge a weird "activation fee" in addition to more common call-back support and lifetime updates.

Antivirus 360 is different from similar malware infections in several aspects.

1. It modifies Windows HOSTS file which is used to determine browser behavior and controls redirects to websites. Antivirus 360 adds its own entries to HOSTS file in order to redirect search queries to dangerous websites.

2. It implements browser hijack to fool surfers. By doing this trick, Antivirus 360 easily adds a "Google Tip" to Google home page. It looks to web surfers like Google is recommending them to buy Antivirus 360 license immediately because their copy is not registered. This a very smart tactic because most Google users innocently believe everything displayed by their favourite search engine. Needless to say that Google has nothing to do with Antivirus 360 virus. The "Google Tip" is generated by malware itself and inserted into loaded web pages.

3. It generates its executable files with different checksums on different infected computers. This simple trick leaves certain security programs being unable to spot and identify pieces of the malware.

Of course you will find Antivirus 360 capable of self-replicating, disabling Registry Editor and sometimes Task Manager. This is a common symptom of all rogue programs.

Considering the fact that A360 often comes as part of infection brought into computer by a trojan virus (like Vundo), it's evident that removing all pieces of the malware becomes a complicated task. Normally popular antivirus programs are unable to cope with the issue. Therefore to successfully complete Antivirus 360 removal, you need a set of tools and proper instructions on how to use them.