Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

TROJAN.FAKESYSDEF.L (Quick Defrag)

 

 

 

Name:

Trojan.FakeSysdef.l

Added:

January 17, 2011

Type:

Trojan

Risk:

Low

Payload:

N/A

At risk systems:

Windows 95/98/ME/XP/NT/2003

 

 

Description:

 

When Trojan.FakeSysdef.l is executed, it performs the following activities:

After execution, it creates the following folder:

%Userprofile%\Start Menu\Programs\Quick Defrag

It then drops the following files:

%appdata%\{Random name}.exe
%appdata%\{Random name}

It creates the following registry entry:

{Random name} = "%appdata%\{Random name}.exe"
HKCU\Software\Microsoft\Windows\CurrentVersion\Run

It appends the folowing registry entries:

PendingFileRenameOperations = "%appdata%\{Random name}.exe"
HKLM\System\ControlSet001\Control\Session Manager

PendingFileRenameOperations = "%appdata%\{Random name}.exe"
HKLM\System\CurrentControlSet\Control\Session Manager

After execution, it displays fake threat messages and forces a user to purchase the software in order to remove the fake threats:

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

 

 

 

 

 

 

 
Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Thirtyseven4 Antivirus Online Malware Scanner

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware Free Online Scanner

Malware problems?
Thirtyseven4 can help.

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Evaluate Thirtyseven4 Antivirus Now

Thirtyseven4 Antivirus | AntiMalware | AntiRootkit | AntiSpyware

Request a Quote

Thirtyseven4 - Industry Leading Endpoint Security Solution

“Delight yourself in the Lord and he will give you the desires of your heart.” Psalm 37:4