New rogue software: XP AntiVirus
Posted: November 27th, 2008 | Tags: Fake antivirus, Malware, Rogue |A new rogue antispyware has been defined some days ago on the Internet, and it can really deceive you in case you are not ready to it. Antivirus XP seems to be a security software which cleans your computer of undesirable infections. However, it is not so well intended, as it can seem, because it is actually a part of rogue application, which displays fake alerts to convince you to buy the full version.
Antivirus XP works under the majority of versions of Windows, including Windows 98, Windows 2000 and Windows Vista. So, even if it has been named Antivirus XP, it does not affect only Windows XP.
These kind of malware has grown much in popularity for last several months, and is becoming more and more dangerous for each not protected user.
Virustotal report
File XPAinstall_881234.exe received on 08.04.2008 16:01:28 (CET)
| Antivirus | Version | Last Update | Result |
|---|---|---|---|
| AhnLab-V3 | - | - | - |
| AntiVir | - | - | TR/Crypt.CFI.Gen |
| Authentium | - | - | W32/Trojan2.EIMP |
| Avast | - | - | Win32:Fraudo |
| AVG | - | - | Downloader.FraudLoad.F |
| BitDefender | - | - | Trojan.FakeAlert.XL |
| CAT-QuickHeal | - | - | FraudTool.XPAntivirus.A |
| ClamAV | - | - | - |
| DrWeb | - | - | - |
| eSafe | - | - | - |
| eTrust-Vet | - | - | Win32/VMalum.DTQT |
| Ewido | - | - | Trojan.FraudPack |
| F-Prot | - | - | W32/Trojan2.EIMP |
| F-Secure | - | - | Trojan.Win32.FraudPack.gen |
| Fortinet | - | - | - |
| GData | - | - | Trojan.FakeAlert.XL |
| Ikarus | - | - | Trojan.Win32.FraudPack |
| K7AntiVirus | - | - | Trojan.Win32.FraudPack.gen |
| Kaspersky | - | - | Trojan.Win32.FraudPack.gen |
| McAfee | - | - | FakeAlert-AB.dldr.gen |
| Microsoft | - | - | Trojan:Win32/FakeXPA |
| NOD32 | - | - | a variant of Win32/TrojanDownloader.FakeAlert.FG |
| Norman | - | - | - |
| Panda | - | - | Generic Trojan |
| PCTools | - | - | RogueAntiSpyware.AntiVirusPro |
| Prevx1 | - | - | Fraudulent Security Program |
| Rising | - | - | - |
| SecureWeb-Gateway | - | - | Trojan.Crypt.CFI.Gen |
| Sophos | - | - | Mal/EncPk-CZ |
| Sunbelt | - | - | Trojan.FakeAlert |
| Symantec | - | - | XPAntivirus |
| TheHacker | - | - | - |
| TrendMicro | - | - | - |
| VBA32 | - | - | Trojan-Downloader.Win32.FraudLoad.vawd |
| ViRobot | - | - | - |
| VirusBuster | - | - | - |
| Additional information |
|---|
| MD5: 529739c631258911be7eb9e0e3224f7b |
| SHA1: e5887adb870197d2e4b513841ebaf30ae5d13bda |
| SHA256: b661b3c00d23100fd9abb943066b9a81af63a8629d591445eaa4ea9d224332cc |
Leave a Reply