Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

TROJAN.FAKEAV (Security Defender)

 

 

 

Name:

Trojan.FakeAV-SD

Added:

May 16, 2011

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When Trojan.FakeAV-SD is executed, it performs the following activities:

It installs a fake security software Security Defender designed to look and act as an legitimate program. Once installed it shows false security alerts and fake infections.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

It drops the following files:

%Allusersprofile%\Application Data\[Random name].avi

%Allusersprofile%\Application Data\[Random name].lnk

%Allusersprofile%\Application Data\[Random name].ico

%Allusersprofile%\Start Menu\Programs\Startup\[Random name].lnk

%usersprofile%\Start Menu\Programs\Startup\[Random name].lnk

%temp%\ins6.tmp

%temp%\wrk7.tmp


It creates/modifies the folowing registry entries:

[Random name] = "%system32%\rundll32.exe" " %Allusersprofile%\Application Data\[[Random name].avi", start HKLM\Software\Microsoft\Windows\CurrentVersion\Run

It connects to malicious websites and download other malwares.

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Malware problems?
We can help.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Evaluate Thirtyseven4 Antivirus Now

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4