MS Antivirus 2008 morphed from XP Antivirus 2008

Submitted by lithium on Thu, 2008-08-21 01:51. Malware

We detected a new XP Antivirus 2008 rogue security software site branded as “MS Antivirus 2008″. The file, MSASetup.exe comes from hxxp://msantivirusxp.com/install.php and is undetected by most AV vendors at the moment.

Updates will be posted here...

1f58d870738aaebb12ed7ece90781c6a
0c17a1aec982687fabc40ecb87fe0166

» lithium's blog | login or register to post comments

Rustocks after effect..

Submitted by Atif Mushtaq on Thu, 2008-08-21 19:27.

Yeh this Rogus AV is currently being dropped by Rustock via Trojan.Exchanger...

http://www.marshal.com/trace/traceitem.asp?article=746
http://blog.fireeye.com/research/2008/08/srizbi-and-rust.html

» login or register to post comments

Fake AV + Rootkit

Submitted by sai7sai on Thu, 2008-08-21 21:01.

We also recieved many spams related to it, please read http://malware-test-lab.blogspot.com/.

» login or register to post comments

I'm speaking more in

Submitted by lithium on Thu, 2008-08-21 21:31.

I'm speaking more in reference to the fact that they changed the name from XP Antivirus to MS Antivirus. It's likely that more will arrive with a similar name. I know that the malware has not changed so I'm just alerting everyone because many people already know that XP Antivirus is rogue.

./lithium
MalwareDatabase

» login or register to post comments

User login

Malware Search

Navigation

Active forum topics

Recent blog posts

Navigation

Affiliates

Links

Who's online

Online users

Ads

MS Antivirus 2008 morphed from XP Antivirus 2008

Rustocks after effect..

Fake AV + Rootkit

I'm speaking more in