Malware type: Trojan

Aliases: No Alias Found

In the wild: Yes

Destructive: No

Language: English

Platform: Windows 98, ME, NT, 2000, XP, Server 2003

Encrypted: No

Description: 

This Trojan may be downloaded from remote sites by other malware. It may be downloaded unknowingly by a user when visiting malicious Web sites.

It creates registry entries to enable its automatic execution at every system startup. It creates registry key(s)/entry(ies) as part of its installation routine.

When executed, it displays the following message box to prompt user to download and install a fake antivirus program:

It downloads a file that Trend Micro detects as TROJ_FAKEAV.EC. As a result, routines of the downloaded Trojan are also exhibited on the affected system.

For additional information about this threat, see:
Solution
Technical Details

Description created: Aug. 17, 2008 9:35:21 AM GMT -0800

Search a new malware

Tell us how we did. Take our quick survey.