
Trojan.FakeAV.SQ


First posted on 21 November 2011.
Source: BitDefender

Aliases :

Trojan.FakeAV.SQ is also known as Win32:Xpantivirus-J.

Explanation :

The malware downloads other badware, such as rogue antivirus products that claim to scan your computer but report only false infections in order to trick the user into buying the product. (Confirmation message shown when the rogue antivirus is installed: "This program will download and install Total Security on your PC.") The rogue "Total Security" is a relative of the famous "XP Antivirus" scareware family.

It adds itself to startup using the following registry key: Software\Microsoft\Windows\CurrentVersion\Run. It also protects itself against tools commonly used by researchers: if any are found, an error occurs and the file is deleted.

Last update 21 November 2011

 
