Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

FRAUDTOOL.MS-SECURITY.IN

 

 

 

Name:

FraudTool.MS-Security.in

Added:

May 4, 2011

Type:

Fraudtool

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When FraudTool.MS-Security.in is executed, it immediately disables all use of Portable Exectuable (PE) files. It prompts fake security alerts in order to scare the user into purchasing the trial version of the fake antivirus software application called Spyware Protection.   

The rogueware will do the following:

It will drop the file:

%ALLUSERSPROFILE%\%appdata%\defender.exe

It does not reamin in memory and can be cleaned by killing the process in memory.

Below is a sample screenshot of the installed Spyware Protection:

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Malware problems?
We can help.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Evaluate Thirtyseven4 Antivirus Now

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4