You're in: Panda Security > Home Users > security-info > about-malware > encyclopedia > overview
Active Scan. Scan your PC free
Panda Security Product Line 2012

Virus Encyclopedia

Welcome to the Virus Encyclopedia of Panda Security.

Encyclopedia GetVirusCard True 0

SecurityTool2010

 
Threat LevelLow threatDamageHighDistributionNot widespread

Effects 

SecurityTool2010 carries out the following actions:

  • When it is run, a windows like the following is displayed and it starts scanning the system in search for possible malware:

    Scan carried out by SecurityTool2010
  • Once finished, it displays several warning messagesinforming users that their computer is infected:

    Warning messages displayed by SecurityTool2010
  • If users follow the instructions of the program and decide to activate the fake solution, they will be redirected to the website where the program can be purchased.
  • If, on the contrary, they decide not to follow these recommendations, from time to time warning messages will be displayed reminding users that their computer is infected.
  • Additionally, it creates a shortcut to the program in the Desktop:

    Shortcut to SecurityTool2010

Infection strategy 

SecurityTool2010 creates the following files in the folder Application data of the Documents and Settings directory:

  • ASECTOOL.EXE, which is a copy of the program.
  • SCAN.DLL
  • 1TMP.BAT
  • SECMOF.TMP

 

SecurityTool2010 creates several shortcuts to the program:

  • in the Desktop:

    Acceso directo al programa
  • in the Start menu.

 

SecurityTool2010 creates the following entries in the Windows Registry:

  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    AdvSecTool = C:\Documents and Settings\Application data\asectool.exe
    By creating this entry, SecurityTool2010 ensures that it is run whenever Windows is started.
  • HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Associations
    LowRiskFileTypes = .exe;
    By creating this entry, it modifies the security level for the execution of executable files.
  • HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\Winlogon
    Shell = C:\Documents and Settings\usuario\Application data\asectool.exe /sn
  • HKEY_CURRENT_USER\Software\Advanced Security
    Autorun
  • HKEY_CURRENT_USER\Software\Advanced Security
    fstart
  • HKEY_CURRENT_USER\Software\Advanced Security
    Minimize
  • HKEY_CURRENT_USER\Software\Advanced Security
    Scan
  • HKEY_CURRENT_USER\Software\Advanced Security
    UpdateDate
  • HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{80c10400-59cb-4c79-97ce-cc693103afca}
  • HKEY_CLASSES_ROOT\TypeLib\{58B4E0F5-F122-4C02-B038-C482D998486A}
  • HKEY_CLASSES_ROOT\Interface\{9692BE2F-EB8F-49D9-A11C-C24C1EF734D5}
  • HKEY_CLASSES_ROOT\Interface\{4B66E1DF-4DE3-4CDA-83B5-11673EADAB0B}
  • HKEY_CLASSES_ROOT\CLSID\{80c10400-59cb-4c79-97ce-cc693103afca}
  • HKEY_CLASSES_ROOT\BrcWizApp.BrcWiz.1
  • HKEY_CLASSES_ROOT\BrcWizApp.BrcWiz

Means of transmission 

SecurityTool2010 can reach the computer when the user accesses certain websites which display banners or pop-up windows which lead to the download of this program. It can also reach the computer in a link that can be received via spam messages, fraudulent websites, etc.

Further Details  

SecurityTool2010 is 933,888 bytes in size.

>