TROJAN.FAKEAV.AVG.INTERNETSEC
Name:
Trojan.FakeAV.AVG.InternetSec
Added:
February 1, 2011
Type:
Trojan
Risk:
Low
Payload:
N/A
At risk systems:
Windows 95/98/ME/XP/NT/2003
Description:
When Trojan.FakeAV.AVG.InternetSec is executed, it performs the following activities: It creates the following file:- C:\Program Files\AVG Antivirus 2011\avg.exe- C:\WINDOWS\system32\iesafemode.exe- C:\Documents and Settings\Administrator\Desktop\AVG Antivirus 2011.lnk- C:\Documents and Settings\Administrator\Local Settings\Temp\UE80E6ZY.exe- C:\Documents and Settings\All Users\Start Menu\AVG Antivirus 2011\AVG Antivirus 2011.lnk- C:\Documents and Settings\All Users\Start Menu\AVG Antivirus 2011\Uninstall.lnkIt creates/modifies the following registry entries:HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\RunAVG Antivirus 2011 = C:\Program Files\AVG Antivirus 2011\avg.exeHKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\chrome.exe\Debugger: iesafemode.exe HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\firefox.exe\Debugger: iesafemode.exe HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iexplore.exe\Debugger: iesafemode.exe HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\opera.exe\Debugger: iesafemode.exe HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\safari.exe\Debugger: iesafemode.exe We have included a few screenshots below:
Malware problems?We can help.
Evaluate Thirtyseven4 Antivirus Now
“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4
