PWS:Win32/Farei

Posted: November 29, 2011

Threat Metric

The Threat Meter is a malware assessment that SpywareRemove.com's research team is able to give every identifiable malware threat. Our Threat Meter includes several criteria based off of specific malware threats to value their severity, reach and volume. The Threat Meter is able to give you a numerical breakdown of each threat's initial Threat Level, Detection Count, Volume Count, Trend Path and Percentage Impact. The overall ranking of each threat in the Threat Meter is a basic breakdown of how all threats are ranked within our own extensive malware database. The scoring for each specific malware threat can be easily compared to other emerging threats to draw a contrast in its particular severity. The Threat Meter is a useful tool in the endeavor of seeking a solution to remove a threat or pursue additional analytical research for all types of computer users.

The following fields listed on the Threat Meter containing a specific value, are explained in detail below:

Threat Level: The threat level scale goes from 1 to 10 where 10 is the highest level of severity and 1 is the lowest level of severity. Each specific level is relative to the threat's consistent assessed behaviors collected from SpyHunter's risk assessment model.

Detection Count: The collective number of confirmed and suspected cases of a particular malware threat. The detection count is calculated from infected PCs retrieved from diagnostic and scan log reports generated by SpyHunter.

Volume Count: Similar to the detection count, the Volume Count is specifically based on the number of confirmed and suspected threats infecting systems on a daily basis. High volume counts usually represent a popular threat but may or may not have infected a large number of systems. High detection count threats could lay dormant and have a low volume count. Criteria for Volume Count is relative to a daily detection count.

Trend Path: The Trend Path, utilizing an up arrow, down arrow or equal symbol, represents the level of recent movement of a particular threat. Up arrows represent an increase, down arrows represent a decline and the equal symbol represent no change to a threat's recent movement.

% Impact (Last 7 Days): This demonstrates a 7-day period change in the frequency of a malware threat infecting PCs. The percentage impact correlates directly to the current Trend Path to determine a rise or decline in the percentage.

Threat Level:	9/10
Infected PCs:	408

First Seen:	November 29, 2011
Last Seen:	October 11, 2022
OS(es) Affected:	Windows

PWS:Win32/Farei is a Trojan that snatches up password credentials and other forms of private information from FTP-related programs. SpywareRemove.com malware researchers have often noted PWS:Win32/Farei being installed by other Trojans, and removing PWS:Win32/Farei should be done with appropriate anti-malware system scans that can also detect and remove related Trojans like Win32/FakeScanti and Win32/Cycbot. Even if you don't use FTP file management programs, a PWS:Win32/Farei infection should still be considered hazardous for your PC, since PWS:Win32/Farei may be configured to steal other forms of information and may create network vulnerabilities in the course of its default behavior.

PWS:Win32/Farei – Taking Care of All Its Criminals' FTP Needs By Hijacking Your PC Data

Although PWS:Win32/Farei Trojans may be reconfigured to spy on other forms of information, PWS:Win32/Farei's foremost target is information that's related to FTP and online file management programs. PWS:Win32/Farei will target specific applications such as BitKinex, Core FTP, Direct FTP, FFFTP, FTP Client, FileZilla, Free FTP, Total Commander, Web Site Publisher and WebDrive (among others) to steal their passwords and account login items. Related details (such as port numbers that are in use and host information) may also be stolen.

PWS:Win32/Farei then proceeds to send this information out to remote criminals, who may exploit it to hijack your computer's FTP resources. SpywareRemove.com malware research team has noted that attacks like these are often used to distribute malicious software, but can also be exploited for other ends, including the theft of other forms of personal info (such as online bank logins) or long-term damage to your PC.

Putting PWS:Win32/Farei Back Where It Belongs

SpywareRemove.com malware experts have found that PWS:Win32/Farei lacks particularly-robust defense mechanisms and should be easily-removable by any competent anti-malware program. However, related Trojans that may have included PWS:Win32/Farei in their payloads may interfere with the process of removing PWS:Win32/Farei by blocking your software. In such cases, using Safe Mode or an external Windows boot will block off the Trojans from launching themselves and allow you to make full use of your anti-malware software.

PWS:Win32/Farei may also be detected by several aliases, depending on the brand of anti-malware scanner that's used to find PWS:Win32/Farei. PWS:Win32/Farei's most popular aliases include Trojan.Agent2!ChXpWmXSFdU, Trojan horse PSW.Agent.AMDQ, Trojan.Packed.21594, Trojan.Win32.Agent2.dlvm, W32/Suspicious_Gen2.LQDGT, TR/Spy.36352.84, Trojan.Heur.DP.cCW@ayhvbjo and Trj/Lukicsel.A. Because PWS:Win32/Farei has seen updates as recently as November of 2011, you should make certain that your anti-malware scanner has been given its most recent threat definitions updates prior to scanning for PWS:Win32/Farei, as new variants of PWS:Win32/Farei may be able to avoid detection by outdated scanners.

Symptoms that can be displayed by Trojans that are related to PWS:Win32/Farei are quite broad, and can include the presence of rogue anti-virus programs, browser redirects, pop-ups, modified system settings, keylogging and infecting other computers via networks or shared drive resources.

PWS:Win32/Farei

Threat Metric

PWS:Win32/Farei – Taking Care of All Its Criminals' FTP Needs By Hijacking Your PC Data

Putting PWS:Win32/Farei Back Where It Belongs

Leave a Reply