"Scorpion Saver" Adpeak Proxy Attack

This section provides an example of Norton anti-virus alert reporting a 'Fake App Attack: Adware Installer Download 3' attack initiated by malware 'Tube Dimmer'.

While I was trying to remove malware "Tube Dimmer", my Norton anti-virus tool caught the malware trying to communicate back to their server. Here is what happened:

1. Ran Windows Task Manager and terminated the "updater.exe (C:\ProgramData\Updater\updater.exe" process.

2. Few seconds later, a Norton anti-virus tool alert displayed.

Severity: High; Activity: An intrusion attempt by d.tubedimmerapp.com
   was detected. Status: Blocked.

IPS Alert Name: Fake App Attack: Adware Installer Download 3
Attacking Computer: d.tubedimmerapp.com (54.230.20.182, 80)
Attacker URL: d.tubedimmerapp.com/updater/setup2.exe

Network traffic from d.tubedimmerapp.com/updater/setup2.exe matches
the signature of a known attach. The attack was resulted from 
\PROGRAM FILES\SCORPIONSAVER SERVICES\ADPEAKPROXY.EXE...

The picture below shows the Norton security alert the "Tube Dimmer - Adpeak Proxy" attack on a Windows 7 system:
Tube Dimmer - Adpeak Proxy Attack

Last update: 2013.

Table of Contents

 About This Windows Security Book

 Windows 8: System Security Review

 Windows 8: System Security Protection

 Windows 8 System Recovery

 Windows 8 Defender for Real-Time Protection

 Windows 7: System Security Review

 Windows 7: System Security Protection

 Windows 7 System Recovery

 Windows 7 Forefront Client Security

 Norton Power Eraser - Anti-Virus Scan Tool

 McAfee Virus and Malware Protection Tools

 Spybot - Spyware Blocker, Detection and Removal

 Keeping Firefox Secure

 Keeping IE (Internet Explorer) Secure

 Malware (Adware, Spyware, Trojan, Worm, and Virus)

 HijackThis - Browser Hijacker Diagnosis Tool

 IE Add-on Program Listing and Removal

 "Conduit Search" - Malware Detection and Removal

"Tube Dimmer", "Scorpion Saver" or "Adpeak" Malware

 What Is Malware "Tube Dimmer"?

 "Search Deals by Injekt" Ads on Google Pages

 "Scorpion Saver" Floating Ad on Web Pages

"Scorpion Saver" Adpeak Proxy Attack

 Google Ads Hijacked by "Scorpion Saver" Ads

 Yahoo! Ads Displaced in Yahoo! Email

 "RocketTab Ads" Box on Google Pages

 Diagnosis Results of Malware "Tube Dimmer"

 ChromeHelper.exe, FirefoxHelper.exe, and IeHelper.exe

 Removing Malware "Tube Dimmer"

 Malware Manual Removal Experience

 Vundo (VirtuMonde/VirtuMundo) - vtsts.dll Removal

 Trojan and Malware "Puper" Description and Removal

 VSToolbar (VSAdd-in.dll) - Description and Removal

 PWS (Password Stealer) Trojan Infection Removal

 MS08-001 Vulnerability on Windows Systems

 Antivirus System PRO

 References

 PDF Printing Version