Cart
Trojan.FakeAlert.TE( Program:Win32/Antivirus2008, Adware/FakeAlert, Cryp_pai-5, Win32:FraudLoad-MH [Trj] )
SYMPTOMS: The presence of the fileC:\Program Files\Antivirus2008\Antvrs.exe and the key HKCU\Software\Microsoft\Windows\CurrentVersion\Run having a subkey named Antivirus pointing to it. TECHNICAL DESCRIPTION: This application is a rogue antivirus that shows a fake system scan and misleading results (a very infected computer) in order to determine the user to register/buy this product. The malware will run at every system startup, as it sets the following registry key: * HKCU\Software\Microsoft\Windows\CurrentVersion\Run * Antivirus -> C:\Program Files\Antivirus2008\Antvrs.exe The executable that downloads this file is detected by BitDefender with the same name(Trojan.FakeAlert.TE). Removal instructions: Please let BitDefender delete your infected files..ANALYZED BY: Boeriu Laura, virus researcher |