Riskware/DriverTurbo
Analysis
Riskware/DriverTurbo is a generic detection for a Riskware.
Since this is a generic detection, samples that are detected as Riskware/DriverTurbo may have varying behaviour.
Below are some of its observed behaviours:
- This detection is for a series of incomplete driver installation utility.
The application requires user's to pay/register up front before the supposedly drivers are installed.
User's are cautioned not to use these kind of applications.
Below are some of its illustrations:
- Figure 1: Interface.
- Figure 2: Interface.
- Figure 2: Interface.
Recommended Action
- Make sure that your FortiGate/FortiClient system is using the latest AV database.
- Quarantine/delete files that are detected and replace infected files with clean backup copies.
Telemetry
Detection Availability
FortiGate | |
---|---|
Extended | |
FortiClient | |
Extreme | |
FortiAPS | |
FortiAPU | |
FortiMail | |
Extreme | |
FortiSandbox | |
Extreme | |
FortiWeb | |
Extreme | |
Web Application Firewall | |
Extreme | |
FortiIsolator | |
Extreme | |
FortiDeceptor | |
Extreme | |
FortiEDR |