
Vonteera Adware Uses Certificates to Disable Anti-Malware

  • November 23, 2015

Jasper_The_Rasper
Moderator
November 20, 2015 | BY Pieter Arntz
 
Vonteera is an adware family that has been around for years. They stand out from the rest because of their very intrusive changes to the affected systems, which is why you will see them classified as Trojan by some anti-malware solutions.
Recently, they added a new trick to their arsenal: using system certificates to disable anti-malware and anti-virus software.
 
Intrusive
 
What are the main changes they make on your system, you ask? Well, for starters they add a whole bunch of Scheduled Tasks.
 
                               


[Screenshot of Scheduled Tasks] All the tasks shown above were created by one Vonteera installer.
 
Full Article

3 replies

edwin_eekelaers
Popular Voice
Now why would a Baidu certificate be dropped by this malware? Baidu's a mainland Chinese file-sharing site with its own proprietary cloud system. I frequent that site occasionally to find Chinese kid songs, and WSA stands its ground.

  • Community Guide
  • November 23, 2015
Good article, and interesting. Adware turning or being classified a Trojan.

Nemo
Community Leader
  • November 23, 2015
Anyone know how Webroot treats this piece of garbage?