AdLoad: an advertisement bombarder

  • 0 Replies

Offline Bugbatter

  • Microsoft® MVP
  • Administrator
  • Diamond Member
  • 10671
AdLoad: an advertisement bombarder
« on: April 06, 2016, 08:59:32 AM »

While looking into an infection associated with a “system optimizer”—Didn’t we say they’re digital snake oil?—we identified a multi-functional installer called FAsetup1.exe (md5 902e30fa3dc4bf543b523b4a41eb8acd) as the source. This file offers a variety of different bundlers and scams that are usually different every time you run the executable and the offers vary with the user’s geolocation and operating system.

This “advertisement downloader” opens various advertisements, scam pages, fake alerts, and install sites for potentially unwanted programs (PUPs). Let us show you some examples:

Microsoft MVP Consumer Security 2006-2016
Microsoft Windows Insider MVP 2016-