Thursday, August 26, 2010

Major Defense Kit

Major Defense Kit is in the FakeRean family of rogue security products. VIPRE detects it as Trojan.Win32.Generic.pak!cobra. Like all rogues, it does a fake scan of your computer then tells you it has found malicious code.

(click to enlarge graphic)

It requires you to pay for the fake software before it “cleans” your machine of the fictitious infections.

(click to enlarge graphic)

One way (there may be others) that Major Defense Kit is delivered is through a phony “Microsoft Security Essentials Alert” which is displayed by a Trojan.

Basically, it mimics the idea of VirusTotal, (http://www.virustotal.com/ ) a site which enables you to see how 40 legitimate security companies identify a sample of malicious code that you submit.

The downloader copies itself into multiple folders under different names. After five to 15 minutes it generates a fake alert pop-up window:

(click to enlarge graphic)

If you click ANY of the four buttons on the scary “Potential threat details” screen, it takes you to a web site that shows you how different anti-malware products allegedly identify the malware that is (not really) on your computer. It includes a long list of legitimate ones, which, oddly enough find no infection on your machine.

However, the display shows that some of them -- all of which are rogues -- have identified malicious files. They have a “free install” button listed next to their names. Clicking on the buttons installs the rogues.


(click to enlarge graphic)

To Remove Major Defense Kit:

If Major Defense Kit has infected your PC, you should remove it immediately. Click here to use VIPRE to remove Major Defense Kit from your computer now.

No comments:

Post a Comment