Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

TROJAN.FAKEAV.ADXZ (AntiMalware Doctor)

 

 

 

Name:

Trojan.FakeAV.adxz

Added:

May 30, 2011

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When Trojan.FakeAV.adxz is executed, it performs the following activities:

It creates the following folders:

%Appdata%\{Alpha numeric characters}

%Userprofile%\Start Menu\Programs\Antimalware Doctor

It then creates the following files:

%Appdata%\{Alpha numeric characters}\dlupdt6kc.exe
%Appdata%\{Alpha numeric characters}\enemies-names.txt
%Appdata%\{Alpha numeric characters}\local.ini
 

It creates the following shortcut link file for auto execution:

%Userprofile%\Start Menu\Programs\Startup\Antimalware Doctor.lnk

 
Upon execution; it shows dialogue box of fake Automatic Update and as soon as the user clicks to install, it shows a screen of a fake updates being downloaded message.  Soon after the rogueware 'Antimalware Doctor' gets downloaded and displays fake scanning on the machine:
 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware


 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Malware problems?
We can help.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Evaluate Thirtyseven4 Antivirus Now

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4