Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Trojan.FakeAV.IEYD (Security Protection)

 

 

 

Name:

Trojan.FakeAV.ieyd

Added:

September 10, 2011

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When Trojan.FakeAV.ieyd is executed, it performs the following activities:

After execution, it drops the following files:

%allusersprofile%\Application Data\defender.exe
%alllusersprofile%\Desktop\Security Protection.lnk
%temp%\1.tmp
%temp%\2.tmp

Upon execution of "%allusersprofile%\defender.exe" it installs the fake antivirus "Security Protection" on the machine.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

It creates/modifies the Following registry entries:
Name = "%temp%\1.tmp"
HKLM\SYSTEM\ControlSet001\Control\Print\Providers\c5092

Name = "%temp%\1.tmp"
HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\c5092

Security Protection = "%allusersprofile%\Application Data\defender.exe"
HKU\Software\Microsoft\Windows\CurrentVersion\Run

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Malware problems?
We can help.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Evaluate Thirtyseven4 Antivirus Now

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4