remark start
2010 year FakeAV
remark end
Windows Optimization Center
Remake from ThinkPoint authors, now including all "options", written on Delphi/CBuilder.
http://www.virustotal.com/file-scan/rep ... 1294060771
Runs through HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
While installation displaying fake MSE alike detection dialog, simulates installing/downloading (even without internet connect) and then asking for reboot.
After reboot system owned.
2010 year FakeAV
remark end
Windows Optimization Center
Remake from ThinkPoint authors, now including all "options", written on Delphi/CBuilder.
http://www.virustotal.com/file-scan/rep ... 1294060771
Runs through HKCU\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell
While installation displaying fake MSE alike detection dialog, simulates installing/downloading (even without internet connect) and then asking for reboot.
After reboot system owned.
Attachments
pass: malware
(2.34 MiB) Downloaded 143 times
(2.34 MiB) Downloaded 143 times
Last edited by EP_X0FF on Thu Feb 19, 2015 9:42 am, edited 1 time in total.
Reason: remark
Ring0 - the source of inspiration