Dishonest antivirus software which tricks users into buying or installing it, usually by infecting a user's computer, or by pretending the computer is infected.
Based on the settings of your F-Secure security product, it may block the file from running, move it to the quarantine where it cannot spread or cause harm, or ask you to select an action.
Rogue:W32/Antivirus2008 is a rogue that tries to dupe the user into purchasing a version of the product that can supposedly "remove" all the malware that it reports to the user.
The presence of this rogue in the system is evident when a window similar to this one appears:
All the supposedly "malicious" files that are displayed don't exist in the system. These are just meant to spook the user into purchasing the product.
Then it will display this after scanning:
And when you select "Remove all threats now", it will show this window:
Where you have to input the necessary activation key.
If you select "Continue Unprotected", it will show this balloon:
This rogue may also create this folder and drop itself in it:
Then it will create a corresponding autorun key here. A sample entry would be:
And the following keys:
Date Created: 2009-04-16 05:01:28.0
Date Last Modified: 2009-04-22 05:33:13.0