FakeSysdef

Posted: November 30, 2010
Threat Metric
Threat Level: 8/10
Infected PCs 34,956

FakeSysdef Description

FakeSysDef is a group of rogue defraggmenters, memory-checkers and system diagnostic tools that create fake alerts and fake problems to make it appear as though your PC is infected by multiple types of high-level threats (such as keyloggers, rootkits or Trojan horses). Because scamware programs within the FakeSysDef try to look visually-identical to a real system diagnostic product, you may be tricked into thinking that buying a FakeSysDef program might not be a self-destructive idea. However, doing this will not solve any of the problems that a FakeSysDef infection causes, nor will FakeSysDef accomplish anything other than giving your money and credit card over to criminals. SpywareRemove.com malware analysts recommend that you treat any FakeSysDef application as a hostile invader to your PC and take steps to delete your FakeSysDef infection via suitable anti-malware system scans.

FakeSysDef – a Single Type of Scamware with More Names Than You Can Count

A Fake fake diagnostic program from the FakeSysDef family is often acquired by visits to malicious websites or infected P2P files. Variants of FakeSysDef products may use different methods to launch themselves, potentially including sophisticated techniques like memory-injection or alterations to the Windows Registry. However, the baseline behavior for a FakeSysDef infection, once installed, is typically predictable, although many FakeSysDef applications will use different names to try to keep an appearance of legitimacy. Examples of FakeSysDef programs that SpywareRemove.com malware researchers have looked over include:

FakeSysDef applications may also use an operating system name as a prefix – this is often some version of Windows (for example, Windows 7 Repair or Windows XP Restore).

How to Distinguish a FakeSysDef Attacker from Real System Defense Programs

A FakeSysDef infection can be identified by its persistent use of fake system alerts and bad system scans that imply that your PC is seriously-damaged or infected by threats that other anti-malware programs can't detect. Samples of these scarecrow warnings that SpywareRemove.com malware researchers have brought to light can be, but aren't restricted to:

Bad sectors on hard drive or damaged file allocation table – Critical Error

28% of HDD space is unreadable – Critical Error

Critical Error
A critical error has occurred while indexing data stored on hard drive. System restart required.

A problem detected while reading boot operation system files

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Boot sector of the hard drive disk is damaged – Critical Error – Limited Edition

System Restore
The system has been restored after a critical error. Data integrity and hard drive integrity verification required.

Windows – No Disk
Exception Processing Message 0×0000013

Read time of hard drive cluster less than 500 ms – Critical Error

Serious system error
The system will reboot in 30 seconds
Windows can not continue operating due to fatal system error.
Windows was forced to restart.
All unsaved data will be lost.

Confirmation
FakeSysDef detected an error on your hard drive when trying to access a file
C:\Program Files\Internet Explorer\iexplore.exe
Perform data recovery now?

Disk Error
Can not find file: C:\Program Files\Messenger\msmsgs.exe
File may be deleted or corrupt.
It is strongly recommended to check the disk for errors.

Read time of hard drive cluster less than 500 ms – Critical Error

Confirmation
Your hard drive contains a lot of critical errors!
All your data including installed programs, documents, email, etc. are at risk of irreversible corrupt.
The trial version does not have low-level access module needed to fix the errors found.
It is strongly recommended to activate the full version software with necessary modules. Activate full version now?

A FakeSysDef infection is also extremely-likely to try to block your security and anti-malware programs. You may also experience software blockages for other applications such as Task Manager or Registry Editor. All of these attacks serve the purpose of convincing you to purchase an activation key for the FakeSysDef program in question. Rather than doing this and wasting your money, SpywareRemove.com malware researchers suggest that you delete your FakeSysDef infection with a real anti-malware program. Finding some method to stop the FakeSysDef application from launching itself (such as a Safe Mode boot) may be required before you remove all FakeSysDef-infected components.

Aliases


W32/FakeSysDef.PGE!tr [Fortinet]TR/FakeSysdef.A.737 [AntiVir]Trojan-FakeAV.Win32.FakeSysDef.pge [Kaspersky]TROJ_GEN.F47V0227Troj_Generic.HVXDMDropper.Generic6.BILT [AVG]Virus.Win32.Injector [Ikarus]a variant of Win32/Injector.VWVTrojan.Win32.A.Capper.39936Trojan/JboxGeneric.niuTrojan.Generic.KD.716362 (B)TR/Rogue.KD.716362.5 [AntiVir]Trojan.Win32.FakeSysdef.oza (v)Trojan.Zbot!PP8tSAUIThMTrojan.Win32.Jorik.Zbot.fre [Kaspersky]
More aliases (8976)

Use SpyHunter to Detect and Remove PC Threats

If you are concerned that malware or PC threats similar to FakeSysdef may have infected your computer, we recommend you start an in-depth system scan with SpyHunter. SpyHunter is an advanced malware protection and remediation application that offers subscribers a comprehensive method for protecting PCs from malware, in addition to providing one-on-one technical support service.

Download SpyHunter's Malware Scanner

Note: SpyHunter's free version is only for malware detection. If SpyHunter detects malware on your PC, you will need to purchase SpyHunter's malware tool to remove the malware threats. Learn more on SpyHunter. If you would like to uninstall SpyHunter for any reason, please follow these uninstall instructions. To learn more about our policies and practices, visit our EULA, Privacy Policy and Threat Assessment Criteria.

Why can't I open any program including SpyHunter? You may have a malware file running in memory that kills any programs that you try to launch on your PC. Tip: Download SpyHunter from a clean computer, copy it to a USB thumb drive, DVD or CD, then install it on the infected PC and run SpyHunter's malware scanner.

Technical Details

File System Modifications

Tutorials: If you wish to learn how to remove malware components manually, you can read the tutorials on how to find malware, kill unwanted processes, remove malicious DLLs and delete other harmful files. Always be sure to back up your PC before making any changes.

The following files were created in the system:



%ALLUSERSPROFILE%\Datos de programa\egidPXEnjJF.exe File name: egidPXEnjJF.exe
Size: 305.15 KB (305152 bytes)
MD5: ff47d228034fc136af3c44c64b33c72e
Detection count: 81
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Datos de programa\
Group: Malware file
Last Updated: April 16, 2013
%USERPROFILE%\gppmxkbsscdiwpjyih.exe File name: gppmxkbsscdiwpjyih.exe
Size: 305.15 KB (305152 bytes)
MD5: 7bd18d1dd6236ed83fbf2f254eb66d69
Detection count: 64
File type: Executable File
Mime Type: unknown/exe
Path: %USERPROFILE%\
Group: Malware file
Last Updated: March 21, 2013
%ALLUSERSPROFILE%\Anwendungsdaten\URdEIoPdlrOf.exe File name: URdEIoPdlrOf.exe
Size: 294.91 KB (294912 bytes)
MD5: 4c9929524ba309d75c408c9a80750665
Detection count: 44
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\
Group: Malware file
Last Updated: February 22, 2013
%ALLUSERSPROFILE%\Datos de programa\eknXhqrKnsXlF.exe File name: eknXhqrKnsXlF.exe
Size: 301.56 KB (301568 bytes)
MD5: be52e7e38b9b467c51972cc841e7e487
Detection count: 35
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Datos de programa\
Group: Malware file
Last Updated: April 24, 2013
%TEMP%\148247.exe File name: 148247.exe
Size: 296.96 KB (296960 bytes)
MD5: 807f4514320ea1577d1a7d28299e35b6
Detection count: 32
File type: Executable File
Mime Type: unknown/exe
Path: %TEMP%\
Group: Malware file
Last Updated: March 4, 2013
%ALLUSERSPROFILE%\Anwendungsdaten\XHnASFcJrnlLmYD.exe File name: XHnASFcJrnlLmYD.exe
Size: 294.91 KB (294912 bytes)
MD5: e56e762f2e90c996dccd13411c910e6c
Detection count: 28
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Anwendungsdaten\
Group: Malware file
Last Updated: February 25, 2013
%ALLUSERSPROFILE%\ltCNsxmSemgqBwD.exe File name: ltCNsxmSemgqBwD.exe
Size: 297.98 KB (297984 bytes)
MD5: a767bed0fee596706f9556d9dd6cea51
Detection count: 24
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 4, 2013
%ALLUSERSPROFILE%\ODJvPpaotTb.exe File name: ODJvPpaotTb.exe
Size: 294.91 KB (294912 bytes)
MD5: a35e808f5866d1b5de1cf31c8dcea26f
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: February 26, 2013
%ALLUSERSPROFILE%\Dati applicazioni\jdSnJsadxcWFCe.exe File name: jdSnJsadxcWFCe.exe
Size: 297.98 KB (297984 bytes)
MD5: 29e8b46c3d92b92a0ea64289fe66764f
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Dati applicazioni\
Group: Malware file
Last Updated: May 15, 2013
%ALLUSERSPROFILE%\rbpbjipvqhrr.exe File name: rbpbjipvqhrr.exe
Size: 299 KB (299008 bytes)
MD5: 97b0d56dde618dd297203291b06ec545
Detection count: 21
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 4, 2013
%ALLUSERSPROFILE%\XPVnElAMsonvcMj.exe File name: XPVnElAMsonvcMj.exe
Size: 301.56 KB (301568 bytes)
MD5: 289c511dd277e046e3da62ce43fb49f8
Detection count: 19
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 21, 2013
%ALLUSERSPROFILE%\xwqnxyxepcug.exe File name: xwqnxyxepcug.exe
Size: 300.03 KB (300032 bytes)
MD5: 4b8f337c8cd53fea7cb35511069d07ce
Detection count: 16
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 6, 2013
%ALLUSERSPROFILE%\bgPqKOKVwPQv.exe File name: bgPqKOKVwPQv.exe
Size: 296.44 KB (296448 bytes)
MD5: d206f84768ea72998aed1f851433b1c6
Detection count: 14
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: February 26, 2013
%ALLUSERSPROFILE%\okjlroutvcya.exe File name: okjlroutvcya.exe
Size: 299 KB (299008 bytes)
MD5: fbd750d0a801f621130b836daae32324
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 4, 2013
%ALLUSERSPROFILE%\yejptgssgaxp.exe File name: yejptgssgaxp.exe
Size: 303.1 KB (303104 bytes)
MD5: a1c5a8aa1ba6d5ed2eb25d61d4f0126f
Detection count: 12
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 21, 2013
%ALLUSERSPROFILE%\qrxslipmyxvfmye.exe File name: qrxslipmyxvfmye.exe
Size: 299.52 KB (299520 bytes)
MD5: d1d14cccc83221d9514f3340fedc5e53
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 4, 2013
%ALLUSERSPROFILE%\Datos de programa\MRvvplxYWheRr.exe File name: MRvvplxYWheRr.exe
Size: 300.54 KB (300544 bytes)
MD5: 8cc290bd8d6c401b0718ccb67333fb1b
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\Datos de programa\
Group: Malware file
Last Updated: March 6, 2013
%ALLUSERSPROFILE%\ellporskarvhs.exe File name: ellporskarvhs.exe
Size: 301.56 KB (301568 bytes)
MD5: 006c636e1bee4ae2830dc33b35991131
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 21, 2013
%ALLUSERSPROFILE%\SyxlJvVkCVeuBSP.exe File name: SyxlJvVkCVeuBSP.exe
Size: 301.56 KB (301568 bytes)
MD5: 3117eef55b0ee060df4bee5286522236
Detection count: 9
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 29, 2013
%ALLUSERSPROFILE%\dttiyfmkftuqpj.exe File name: dttiyfmkftuqpj.exe
Size: 298.49 KB (298496 bytes)
MD5: d1ac34449b856c8cba42e7febf1ec2ba
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 4, 2013
%ALLUSERSPROFILE%\KxEKSHyFtVVY.exe File name: KxEKSHyFtVVY.exe
Size: 300.03 KB (300032 bytes)
MD5: e4380b5b02d432a677bcf1ceaed3e038
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 12, 2013
%ALLUSERSPROFILE%\qlgpacrvkixcre.exe File name: qlgpacrvkixcre.exe
Size: 305.15 KB (305152 bytes)
MD5: 1e2b74845aab419e78a9e63758863482
Detection count: 7
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 21, 2013
%ALLUSERSPROFILE%\yintxdfmjessfn.exe File name: yintxdfmjessfn.exe
Size: 301.56 KB (301568 bytes)
MD5: d020f69d6216c4a14f9c15928b89474f
Detection count: 5
File type: Executable File
Mime Type: unknown/exe
Path: %ALLUSERSPROFILE%\
Group: Malware file
Last Updated: March 29, 2013

More files

Related Posts

Leave a Reply

Please note that we are not able to assist with billing and support issues regarding SpyHunter or other products. If you're having issues with SpyHunter, please get in touch with SpyHunter customer support through your SpyHunter. If you have SpyHunter billing questions, we recommend you check the Billing FAQ. For general suggestions or feedback, contact us.