Home/ Spyware Encyclopedia / Fake Anti Spyware.UltimateAntivirus2008 | |  | Fake Anti Spyware.UltimateAntivirus2008 Technical Details |  |
|
| Category |
 |
Fake
Anti Spyware |
| Discovered |
|
6/11/2008
15:41:00 PM |
| Modified |
|
6/11/2008
17:11:00 PM |
| Threat
Level |
|
Critical |
| Description |
|
A
Fake Anti Spyware
is software that
purports to scan
and detect malware
or other problems
on the computer,
but which attempts
to dupe or badger
users into purchasing
the program by presenting
the user with intrusive,
deceptive warnings
and/or false, misleading
scan results. They
spuriously warn
users that their
computers have been
infected with spyware,
directing them to
purchase programs
which do not actually
remove spyware or
worse, may add more
spyware of their
own It typically
uses aggressive,
deceptive advertising. |
| Summary |
|
The
hosts file was updated
with the following
url-to-ip mappings
:
127.0.0.1 localhost
The following
http urls were started
:
bp.specificclick.net
ad.doubleclick.net
ebay.com
Generated
smtp traffic :
n/a
there was a new
connection established
with a remote irc
server : n/a
the following hidden
entries created
: n/a
The
following internet
connection was established:
n/a
Ultimate Antivirus
2008 is the latest
fake anti spyware
program. Ultimate
antivirus 2008 give
the misleading result
after scanning by
it. Ultimate antivirus
2008 show many false
positives after
it searches on user
pc for malware.
Ultimate antivirus
2008 try to trick
the user into buying
it by claiming,
"You have been
infected with spyware"
and then showing
false error reports. |
| Processes |
|
UAV.exe |
| Drivers |
|
N/A |
| Folders
created |
|
%PFDIR%\UAV
|
| Browsed
Sites |
|
http://www.uav2008.com/ |
| When
the Fake Anti Spyware
is executed, it
creates the following
files: |
| Name |
Version |
Publisher |
Signature
(MD5) |
File
Size (in Bytes) |
| ..\uav\uav.cpl |
1.0.0.1 |
Ultimate
Antivirus
2008 |
685cb28e635a78e9526137a81317a0db |
45056 |
| ..\uav\uav.exe |
1.0.0.1 |
|
57542f9de2846f9e4e589cfced027778 |
333824 |
| ..\new
text document.txt |
|
|
|
23 |
| ..\uav2008setup.exe |
|
|
4cfd6ad8564dcded3994965ad0625582 |
790954 |
| ..\desktop\ultimate
antivirus.lnk |
|
|
|
454 |
| ..\uav.cpl |
1.0.0.1 |
Ultimate
Antivirus
2008 |
685cb28e635a78e9526137a81317a0db |
45056 |
|
|
| When
the Fake Anti Spyware
is executed, it
creates the following
Registry entries: |
|
|
Snapshot
 |
|
Recommendation to remove Fake Anti Spyware.UltimateAntivirus2008 |  | Spyware Detector can remove Fake Anti Spyware.UltimateAntivirus2008, and thousands of other Spyware definitions, automatically and instantly. Click here to download Spyware Detector and scan for free. |
| |
|
| |
| |
| |  | Personalized e-Mail support by our Research Team. You send an "Export Log" report to us, we then add new definition and you eliminate spyware found on YOUR PC in the next Live Update. So, not only do you benefit but the whole community enjoys the feedback.
| |  | Speed up your computer and increase browsing performance by deleting Spyware & Adware | | | Enjoy continuous protection and security with frequent spyware definition updates so you never have to worry about new threats and outdated software. | | | Surf the web with confidence knowing your online activities aren't being tracked, and your confidential data is secure from prying eyes. |
|
|
| |  | | | | | |  | |  Submit a Threat
Submit a threat to be reviewed by our research team
Submit a Threat | |  |
|
|