Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » AntiVirus2008

Overview

Threat Risk MEDIUM MEDIUM
Destructivity LOW LOW
Payload Downloads and installs malware
Detection files published
Description created 14 Aug 2008 11:34:00
Description updated 14 Aug 2008 11:34:00
Malware type TROJAN
Alias FakeAlert
Spreading mechanism EMAIL
UNKNOWN
Summary None

AntiVirus2008

Spreading

"Drive-by" infection by download script on infected websites which the user has been tricked into visiting by a forged email or by downloading the software from the creators' web site.
When visiting a malicious website you will get a message that you need to download new version of Video ActiveX Object to play a video.

(Image not available)

You will then get a question if you want to run or save a file.
If you run the file Antivirus2008 will be installed and you will get lot of popups with false virus warnings and a message informing you that you will have to pay for the full version of Antivirus 2008 to remove all these threats.

(Image not available)

Payload Details

The programs in this family download and install malware.
Some versions also disable antivirus programs, and block Internet access to security sites

Analysis

n/a

Removal

The first version of Antivirus 2008 was added to Lumension's virus detection files 4 June 2008. New versions are added continously.


Last Updated: 12 Nov 2015 11:06:15