Security software firm PC Tools is reporting that 'surprisingly high numbers' of users have been duped by a dodgy codec named: "multycodecupgr.7.<20xxx>.exe". The codec proports to be a free malware scanner, but instead plants fake malware warnings on PCs, in order to extort money for a product named AntiVirus 2008.
Once downloaded the file dumps a couple of malicious .exe files on to the infected system, often named with a single character. The malware quietly positions 'sav.exe' in a directory it creates called: 'program files\AntiVirus 2008'. Then these files send multiple 'warning' messages to the unsuspecting user that their PC is infected with nasties such as Blaster.Sasser. It isn't, but those warnings keep on coming.
At this point, tech-savvy users will probably smell a rat. Those taken in by the 'warnings' are directed to hxxp://www.s-av2008.com to 'clean up' the problem. Don't go to this site. Definitely don't pay the $40 it asks you to shell out for AntiVirus 2008. It's a scam.