BKDR_ZACCESS.SMQQ is a ZeroAccess-based Trojan that displays a fake Adobe software pop-up as part of the installation process for other ZeroAccess-related PC threats. BKDR_ZACCESS.SMQQ’s attack only appears for nonadministrator Windows accounts that require privilege elevation before the rest of the malware can be installed. Because BKDR_ZACCESS.SMQQ is always part of a multi-component attack that involves several types of ZeroAccess Trojans or rootkits, SpywareRemove.com malware experts recommend that you scan your PC thoroughly with anti-malware software after any signs of BKDR_ZACCESS.SMQQ-related attacks (such as its characteristic installer pop-up). PC threats from BKDR_ZACCESS.SMQQ’s family always should be considered high-level security risks due to their penchant for stealing bank account information, installing additional malware and blocking security programs.
How BKDR_ZACCESS.SMQQ Attacks Your PC with Your Permission
BKDR_ZACCESS.SMQQ is dropped on your PC by another ZeroAccess Trojan, BKDR_ZACCESS.KP, in instances where limited admin privileges prevent BKDR_ZACCESS.KP from installing its payload. Although BKDR_ZACCESS.SMQQ is dropped as a malicious DLL, a binary planting exploit allows BKDR_ZACCESS.SMQQ to be launched via a fake InstallFlasherPlayer.exe file. BKDR_ZACCESS.SMQQ then proceeds to display a standard UAC (User Account Control) pop-up to install Adobe Flash Player.
Because this pop-up looks identical to one that displays when you’re trying to install the real Adobe Flash Player on a Windows account, many victims may install the full ZeroAccess Trojan without realizing what they’ve done. BKDR_ZACCESS.SMQQ’s method of installation appears to be working out for ZeroAccess malware, given that SpywareRemove.com malware analysts have noted a rise in ZeroAccess infections as of July 2012.
However, Windows users with full administrator privileges will never see BKDR_ZACCESS.SMQQ – BKDR_ZACCESS.KP will install the rest of its malicious software without ever dropping BKDR_ZACCESS.SMQQ or causing its pop-up to appear.
The Aftereffects of Trusting BKDR_ZACCESS.SMQQ’s ‘Adobe’ Installer
The ultimate consequence of a BKDR_ZACCESS.SMQQ attack is a full blown ZeroAccess infection that can be used for a range of broadly-applicable attacks against your computer. SpywareRemove.com malware experts have taken note of the following functions in particular:
- Opening a firewall-bypassing backdoor to download malicious files or transfer personal information.
- Theft of information related to bank accounts by monitoring website interaction (form submissions and URLs visited) and, potentially, modifying web content to steal additional information.
- Blocking security programs, especially programs that are included by default with Windows (the Windows Firewall, Windows Defender, Windows Security Center, et cetera).
Trojan droppers that install BKDR_ZACCESS.SMQQ Trojans are often distributed as fake cracks or key generators for popular games, particularly through torrenting services. To delete droppers like BKDR_ZACCESS.SMQQ you should always use anti-malware software as required, since Trojans associated with BKDR_ZACCESS.SMQQ will use misleading file names and file locations to make themselves appear as part of your operating system.
BKDR_ZACCESS.SMQQ Automatic Detection Tool (Recommended)
Is your PC infected with BKDR_ZACCESS.SMQQ? To safely & quickly detect BKDR_ZACCESS.SMQQ, we highly recommend you run the malware scanner listed below.
Download SpyHunter's* Malware Scanner to detect BKDR_ZACCESS.SMQQ What happens if BKDR_ZACCESS.SMQQ does not let you open SpyHunter or blocks the Internet?
File System Modifications
Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.
- The following files were created in the system:
# File Name 1 Youtube_Grabber_Keygen.exe 2 Diablo_III_crack.exe 3 Microsoft_Office_Professional.crack.exe 4 K-Lite Codec Pack.exe 5 msimg32.dll
Posted: August 16, 2012 | By SpywareRemove
Threat Level: 6/10
Rate this article:
Detection Count: 53