Home / malware Trojan.FakeAlert.UM
First posted on 21 November 2011.
Source: BitDefenderAliases :
Trojan.FakeAlert.UM is also known as Trojan.Downloader.WinAntivirus.
Explanation :
This is a typical scareware (also known as WinFixer or WinAntivirus).
When executed, the trojan changes the desktop image and the system screensaver in order to mislead the user into believing that their computer is infected with spyware.
The trojan collects system information such as the processor model, OS version and list of installed programs, and uploads it to the winifixer.com site.
Downloads from the antivirxp08.com site a fake antivirus, detected as Adware.XpAntivirus.AL, which gives exaggerated reports of existing threats, and prompts the user to purchase it in order to remove the alleged threats.
Drops a Visual Basic script, detected as Application.CleanSystemRestore.A, which uses System Restore to save the current system state as the "Last good restore point".Last update 21 November 2011
