Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

FRAUDTOOL.NETCOTROL (Network Control)

 

Name:

FraudTool.NetCotrol

Added:

August 30, 2010

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When FraudTool.NetCotrol is executed, it performs the following activities:

After execution, it creates the following folder:

%Root Drive%:\NetworkControl

It then drops the following files:

%Root Drive%:\NetworkControl\nc.exe
%Root Drive%:\NetworkControl\svchost.exe

It creates/modifies the following registry entries for auto execution:

Shell = "%Root Drive%\NetworkControl\nc.exe -reboot"
HKCU\Software\Microsoft\Windows NT\CurrentVersion\Winlogon

After execution, it displays fake security threat messages and forces the user to purchase the software in order to remove the fake threats.

A couple screenshots of the FraudTool.NetCotrol are shown below:

Thirtyseven4 Antivirus Protects Against Network Control

Thirtyseven4 Antivirus Protects Against Network Control

 

 

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4