Antivirus360 a Misleading Application
by Frank Jovine on 04/08/2009 in Fake Antivirus, Security
Antivirus360 is a misleading application that may give exaggerated reports of threats on the computer. There are other misleading applications that we have published that can be found here.
Risk Impact: Medium
Systems Affected: Windows 2000, Windows 95, Windows 98, Windows Me, Windows NT, Windows Server 2003, Windows Vista, Windows XP
The program must be manually installed. The risk attempts to trick users into installing it through fake messages that appear in their Web browsers claiming that the computer has been compromised. Once installed, the program reports false or exaggerated system security threats on the computer. It than fools the user to download the full license in order to remove the false security threats.
The risk also displays various pop-up messages while the computer is in use. These fake messages cover the following topics:
- Internal conflict alerts
- Vulnerable files found
- Spyware Activity alerts
- Privacy Violation alerts
- System file modification alerts
Installation
The risk is a self-contained executable. It may arrive with the following file name:
%CurrentFolder%\av360.exe
When the program is executed, it creates the following files:
%UserProfile%\Application Data\Microsoft\Internet Explorer\Quick Launch\Antivirus 360.lnk
%UserProfile%\Desktop\Antivirus 360.lnk
%UserProfile%\Start Menu\Antivirus 360\Antivirus 360.lnk
%UserProfile%\Start Menu\Antivirus 360\Help.lnk
%UserProfile%\Start Menu\Antivirus 360\Registration.lnk
It also creates the following registry subkey:
HKEY_CURRENT_USER\Software\[RANDOM HEXADECIMAL NUMBER]
Similar Risks: Antivirus2008
Kikolani
Apr 8th, 2009
Well that certainly looks official enough to be trusted… virus creators have some good design on their side now.
~ Kristi
Frank J
Apr 8th, 2009
Kristi,
You’re right, it will fool the average person because how real it looks.