Home / malwarePDF  

Adware:Win32/FlvDirect


First posted on 25 May 2010.
Source: SecurityHome

Aliases :

Adware:Win32/FlvDirect is also known as LoudMo.A (AVG), Adware.LoudMo.44 (Dr.Web), Win32/Adware.Primawega.AC.Gen (ESET), Adware.Win32.FLVDirectPlayer (Sunbelt Software).

Explanation :

Adware:Win32/FlvDirect is the detection for a file that installs the program "FlvDirect Media Player". This program is usually bundled with another adware program detected as Adware:Win32/LoudMo. Adware:Win32/FlvDirect can be downloaded from the FlvDirect Media Players Web site. It can also be disguised as other programs.
Top

Adware:Win32/FlvDirect is the detection for a file that installs the program "FlvDirect Media Player". This program is usually bundled with another adware program detected as Adware:Win32/LoudMo. These installers contain an ID, which can be monitored; the more installers are deployed, the more an affiliate company is paid for deploying the installer. Adware:Win32/FlvDirect can be downloaded from the FlvDirect Media Players Web site. It can also be disguised as other programs. Installation Upon execution, Adware:Win32/FlvDirect may display a splash screen similar to the following: It may also have an icon similar to the following: Of note is the fine print at the bottom of the installer that mentions that along with FLV Direct the user agrees to install "LoudMo Contextual Ad Assistant". This software is detected as Adware:Win32/LoudMo. In the wild, this program is also known to disguise itself as a key generator that has the following interface: When the "Get Key" option is selected, the program connects to "flvdirect.com" to install software. The key generator may have an icon similar to the following:

Analysis by Michael Johnson

Last update 25 May 2010

 

TOP