TROJ_FAKEAV.GDS
Overview

Malware type: Trojan

Aliases: No Alias Found

In the wild: Yes

Destructive: No

Language: English

Platform: Windows XP, Server 2003

Encrypted: No

Overall risk rating:


Reported infections:

Damage potential: Medium

Distribution potential: Low

Description: 

For an at-a-glance view of this malware's behavior, refer to the Behavior Diagram shown below.

TROJ_FAKEAV.GDS Behavior Diagram

Malware Overview

This Trojan may be downloaded from remote sites by TROJ_DLOAD.PG.

It poses as an anti-spyware program, purportedly from Microsoft. It entices users to buy the fake program by displaying fake pop-up alerts and fake scans that claim the affected system has malware.

It displays the following Graphical User Interface (GUI):

TROJ_FAKEAV.GDS bogus GUI

It also displays an icon on the system bar and a fake message alert. This fake alert pops up and warns the user about a fake infection of the system:

TROJ_FAKEAV.GDS fake pop-up alert

When a user clicks on the fake alert pop-up, it displays the following GUI, which resembles Microsoft Security Center:

TROJ_FAKEAV.GDS fake MS Security Center

When the user clicks on any link in this GUI, the following prompt appears, tricking the user into buying the fake anti-spyware:

TROJ_FAKEAV.GDS prompt

When the Purchase Full Version button is clicked, the Trojan attempts to connect to a certain Web site. As of this writing, the said site is inaccessible.

For additional information about this threat, see:
Solution
Technical Details

Description created: Jan. 14, 2009 2:02:06 AM GMT -0800
