Home / malware Trojan.Downloader.FakeAV.AH
First posted on 21 November 2011.
Source: BitDefenderAliases :
There are no other names known for Trojan.Downloader.FakeAV.AH.
Explanation :
This is the kind of malware that makes use of users naivity in order to download and execute other malware on their computers. When an infected web-page is accesed, several warning messages are diplayed, in order to trick the unaware user to acces an infected link. Typical messages can be:
"Your computer contains various signs of viruses and malware programs presence.
Your system requires immediate anti viruses check!
Antivirus 360 will perform a quick and free scanning of your PC for viruses and malicious programs."
"Your computer remains infected by viruses!
They can cause data loss and file damages and need to be cured as soon as possible.
Return to Antivirus 360 and download it secure to your PC"
"Your computer remains infected by viruses!
They can cause data loss and file damages and need to be cured as soon as possible.
Return to Antivirus 360 and download it secure to your PC"
The fake-scanning of the computer will reveal unexistent malware and may display several other messages:
"This program is potentially dangerous for your system. Trojan-Downloader stealing passwords,
credit cards and other personal information from your computer.
Advice:
You need to remove this threat as soon as possible!"
Other possible fake malware detections:
Email-Worm.Win32.Net
Email-Worm.Win32.Myd
Trojan-Downloader.Win
The downloader may also act different if it is running on a Windows XP with Service Pack 2, by directly launching the download-page in a new window when the user tries to close it or by simply displaying a modal-dialog with download option. Either way, the user ends up on the download page of AV 360 and might be tempted to install this fake antivirus and even pay for registration.Last update 21 November 2011