Sunday, January 30, 2011

TR/FakeSysdef.B

General

Method of propagation:
• No own spreading routine

Aliases:
• Kaspersky: Trojan-Dropper.Win32.Agent.dvgr
• F-Secure: Trojan-Dropper.Win32.Agent.dvgr
• Sophos: Mal/FakeAV-IK
• Avast: Win32:FakeAlert-VC
• AVG: Cryptic.BQU
• Grisoft: Cryptic.BQU
• Eset: Win32/Kryptik.JKT
• DrWeb: Trojan.Fakealert.19991
• Fortinet: W32/FakeAV.EA!tr
• Rising: Packer.Win32.Agent.bk

Platforms / OS:
• Windows 95
• Windows 98
• Windows 98 SE
• Windows NT
• Windows 2000
• Windows XP
• Windows 2003
• Windows Vista
• Windows Server 2008
• Windows 7

Side effects:
• Drops files
• Falsely reports malware infection or system problems and offers to fix them if the user buys the application.
• Lowers security settings
• Registry modification
• Pricetrap function - user is fooled into making a costly subscription

Right after execution, the following information is displayed:

[screenshot]

Description inserted by Alexander Bauer on Friday, January 28, 2011
Description updated by Andrei Ivanes on Friday, January 28, 2011
