W32/UltimateDefender.GEW

Posted: February 24, 2009

W32/UltimateDefender.GEW, also known as Virantix Trojan, Trojan.Virantix.C and Trojan:Win32/Wantvi.I, is an extremely dangerous trojan program, which contains backdoor capabilities. Once executed, it will allow the remote attacker to get full control over your PC and all the data stored on it. This places all your personal and financial information in serious risk. In addition, W32/UltimateDefender.GEW may degrade system performance, hijack and change your desktop, generate false warning messages claiming that your PC has been infected and offering to download a "reliable" anti-spyware application, which in reality is a rogue anti-spyware program. We recommend that you remove W32/UltimateDefender.GEW immediately.

File System Modifications

The following files were created in the system:

# File Name

1 brastk.exe

2 braviax.exe

#	File Name
1	brastk.exe
2	braviax.exe

Registry Modifications

The following newly produced Registry Values are:
HKEY..\..\..\..{Subkeys}HKEY_USERS\S-1-5-21-XXXXXXXXXX-XXXXXXXXXX-XXXXXXXXX-XXXX\Software\Microsoft\Windows\CurrentVersion\Run

One Comment

Bruigue says:

February 2, 2012 at 12:35 pm

Hello. finally a real solution.

W32/UltimateDefender.GEW

File System Modifications

Registry Modifications

One Comment

Leave a Reply