Archive for 2012.

Trojan Horse Agent3.CPCF

Trojan Horse Agent3.CPCF is a Trojan that poses as a genuine program. Trojan Horse Agent3.CPCF is distributed to the vulnerable computer system via insecure downloads. Trojan Horse Agent3.CPCF can deliver and install other malware infections on the affected PC. Trojan Horse Agent3.CPCF enables cybercriminals to obtain full remote access to the compromised PC. Trojan Horse Agent3.CPCF can gather confidential information from computer users and transmit it to a remote server….

Posted by GoldSparrow in Trojans | No Comments »

Vista Security Plus 2013

We’ve received reports of a large number of malware programs being released towards the end of 2012 with characteristics similar to malware in the Braviax (or FakeRean) family. It seems that these fake security programs follow similar naming patterns, including the characteristic use of the string ‘2013’ appended to the end of each rogue security application’s name. Vista Security Plus 2013 is just one of the many variants of these fake security programs. Vista Security Plus 2013 is designed to attack computers with the Windows Vista operating system; Vista Security Plus 2013 is installed with a Trojan that detects the victim’s operating system and then installs a Braviax variant corresponding to the victim’s computer. For example, if the infected computer were using Windows 7…

Posted by JubileeX in Rogue Anti-Spyware Program | No Comments »

XP Security Plus 2013

XP Security Plus 2013 and its many clones are part of a large batch of malware in the Braviax (also known as FakeRean) family that has been released since October of 2012 in preparation for the coming new year. XP Security Plus 2013 is typically installed by a Trojan infection which detects the victim’s operating system and then installs a variant of this family of malware that corresponds to the victim’s operating system. XP Security Plus 2013 tries to scam the victim by giving the impression that the victim’s computer is infected with malware and that XP Security Plus 2013 is actually a real security application capable of removing this fictional malware. Unfortunately, XP Security Plus 2013 is not designed to detect or remove malware infections. Rather, XP Security Plus 2013…

Posted by ZulaZuza in Rogue Anti-Spyware Program | No Comments »

Troj/DwnLdr-KLI

Troj/DwnLdr-KLI is a Trojan that is distributed and installed on the compromised PC by other malware threats. Troj/DwnLdr-KLI may also proliferate via spam email attachments and unsafe downloads. When installed on the infected computer system, Troj/DwnLdr-KLI alters system settings by adding infectious files or modifying registry entries. Troj/DwnLdr-KLI enables cybercriminals to obtain full remote access to the affected computer. Troj/DwnLdr-KLI may gather confidential information from affected PC users and transmit it to a remote server….

Posted by Sumo3000 in Trojans | No Comments »

Trojan HTML.Redirector.WD

Trojan HTML.Redirector.WD is a Trojan that corrupts mainly Internet browsers such as Google Chrome, Internet Explorer and Mozilla Firefox. Trojan HTML.Redirector.WD propagates via malicious HTML web pages that aim at exploiting a vulnerability in a compromised PC. Trojan HTML.Redirector.WD affects a targeted PC when a web user visits a hacked website. Trojan HTML.Redirector.WD may also be distributed and installed on the infected computer by other security threats. Free file-sharing applications and software downloads are also used to deliver Trojan HTML.Redirector.WD to affected PCs. While being executed, Trojan HTML.Redirector.WD adds malevolent files and modifies the Windows Registry without the PC owner knowing about it. Trojan HTML.Redirector.WD disguises itself on the attacked computer; therefore, it might be hard to find and uninstall it with many security tools. Trojan…

Posted by Domesticus in Trojans | No Comments »

HackTool:Win32/ConnectCmd

HackTool:Win32/ConnectCmd is a command-line tool that can be used to transmit and receive commands to and from a remote IP address. HackTool:Win32/ConnectCmd may be downloaded and installed deliberately by a computer user. While being executed, HackTool:Win32/ConnectCmd creates a new command prompt window which the computer user can use to divert input, output and error commands to a remote IP address….

Posted by LoneStar in Malware | No Comments »

Trojan.Stabuniq

Trojan.Stabuniq is a Trojan that steals private details from the affected PC. While being executed, Trojan.Stabuniq may create malevolent files on the targeted computer. Trojan.Stabuniq creates several registry entries so that it can load automatically every time you start Windows. Trojan.Stabuniq transfers the collected information to remote locations.


Trojan.Stabuniq distribution by type pie chart – image credit: Symantec…

Posted by Domesticus in Trojans | No Comments »

Win 7 Security Plus 2013

Win 7 Security Plus 2013 is a variant in the Braviax family of malware, also known as FakeRean. ESG malware analysts have noticed the release of new variants in this family with the string ‘2013’ attached to each fake security application’s name, in preparation for the coming new year. Win 7 Security Plus 2013 carries out a scam that criminals use to steal money from unsuspecting computer users. The Win 7 Security Plus 2013 scam consists of making the victim believe that the infected computer has become compromised by a severe virus or Trojan attack. To do this, Win 7 Security Plus 2013 uses a variety of tactics designed to alarm the victim. These include the approaches in the following list:

  • Win 7 Security Plus 2013 causes the infected computer to display numerous…

Posted by Sumo3000 in Rogue Anti-Spyware Program | No Comments »

WM97/ExeDrop-G

WM97/ExeDrop-G is a malware infection that propagates as a malicious Sudoku-making Microsoft Excel spreadsheet. WM97/ExeDrop-G uses a sleight of hand to install itself on the targeted computer. Microsoft Office incorporates the powerful programming language Visual Basic for Applications, accessible from Office documents as macros. If a computer user needs to create a puzzle to solve, he/she has to enable macros. To create Sudoku puzzles, an application is required, and to execute the application, macros are required. Cybercrooks even give PC users simple instructions on how to turn macros back on. Once those security measures are bypassed, computer users can solve as many Sudoku as they want. However, in the background a macro installs and runs a malware infection found as WM97/ExeDrop-G. WM97/ExeDrop-G gathers system information using particular standard commands that…

Posted by GoldSparrow in Malware | No Comments »

Fake FBI Anti-Piracy Warning

The Fake FBI Anti-Piracy Warning is part of a ransomware Trojan attack. This ransomware infection attempts to steal $200 USD from victims by impersonating the FBI (America’s federal police, the Federal Bureau of Investigation). Like similar fake police message ransomware infections, the Fake FBI Anti-Piracy Warning accuses the victim of illegal activities, claiming that the victim’s computer was blocked by the FBI as a deterrent for these kinds of acts. There are dozens of variants of the Fake FBI Anti-Piracy Warning which usually demand payment through the Green Dot MoneyPak money transfer system. Malware that blocks access to Windows and pretends to be a message from a law enforcement agency is quite common and should be removed with a reliable anti-malware program.

Common Sources of Fake FBI Anti-Piracy Warning Infections

The Fake FBI Anti-Piracy Warning infection is…

Posted by Sumo3000 in Ransomware | No Comments »

Copyright 2003-2012. Enigma Software Group USA, LLC. All Rights Reserved.