Trojans are malicious applications that pose themselves as legitimate software in order to trick users to install them. Once on the victim's machine, it may run any number of malicious process to steal vital information or inflict damage to other software.
Comment:
FraudTool-AntiSpySpider is used to disable the Windows Task Manager and Registry editor. Can display an infection message in the system tray. This tool is used with AntiSpySpider to trick the user into purchasing the application. Downloads and displays advertisements.
Screenshots:
Fake malware warning.
Fake spyware warning message.
Manual
removal:
Disable System Restore.
Clean with X-Cleaner.
Do not restart the computer when X-Cleaner prompts.
Steps to re-enable the Task Manager and registry editor:
Go to Start->Run-> type mmc and hit enter.
The Console window will open.
Click on File and choose ->Add/Remove snap-in-
Then click on Add and you get a list of snap-in.
Select "Group Policy Object Editor" and click Add then click finish, close and last click OK
Under Console Root, expand the Local Computer Policy
Then expand the User Configuration container.
Click on Administrative Templates then click on System.
In the right pane find "Prevent access to registry editing tools" double click on it and dot Disabled. Click OK
Locate the Ctrl+Alt+Del Options folder. Click on it.
In the right pane, find "Remove Task Manager" double click on it and DOT disabled. Click OK
Close the Console window and reboot.
After reboot, remove the following files:
c:\WINDOWS\homepage.html
c:\WINDOWS\index.html
c:\WINDOWS\promo1.html
c:\WINDOWS\promo2.html
c:\WINDOWS\promo3.html
c:\WINDOWS\promo4.html
c:\WINDOWS\promo5.html
c:\WINDOWS\promo6.html
c:\WINDOWS\promogif1.gif
c:\WINDOWS\promogif2.gif
c:\WINDOWS\promogif3.gif
c:\WINDOWS\system32\adult.txt
c:\WINDOWS\system32\finance.txt
c:\WINDOWS\system32\lt.res
c:\WINDOWS\system32\other.txt
c:\WINDOWS\system32\pharma.txt
c:\WINDOWS\system32\sft.res
c:\WINDOWS\system32\sn.txt
4 [