Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Threats » W32/FraudPack

Overview

Threat Risk MEDIUM MEDIUM
Destructivity Unknown UNKNOWN
Payload Downloads and install malware.
Detection files published
Description created 16 Apr 2010 01:49:00
Description updated 16 Apr 2010 01:49:00
Malware type TROJAN
Alias Trojan.Win32.FraudPack (Kaspersky)
Trojan:Win32/FakeXPA (Microsoft)
Trojan. FraudPack (McAfee)
TR/FraudPack (AntiVir)
Spreading mechanism UNKNOWN
Summary

W32/FraudPack

Spreading

Once installed, FraudPack may attempt to entice the user into purchasing a service or additional software by:

Alerting the user with the fake or simulated detection of malware or pornography. Displaying an animation simulating a system crash and reboot. Selectively disabling parts of the system to prevent the user from uninstalling them. Some may also prevent anti-malware programs from running, disable automatic system software updates and block access to web sites of anti-malware vendors. Installing actual malware onto the computer, then alerting the user after "detecting" it. Scaring the user by presenting authentic-looking pop-up warnings and security alerts, which may mimic actual system notices.

Payload Details

n/a

Analysis

n/a

Removal

Lumension's antivirus products are in general able to remove all malicious software that is detected. Some malware variants, however, use techniques that the general product does not remove sufficiently. We have therefore developed the free product Lumension Malware Cleaner. Please use the latest version of this program from the link below if your Lumension antivirus is unable to clean the infection. http://www.norman.com/support/support_tools/58732/en


Last Updated: 12 Nov 2015 11:06:11