Rogue Antivirus Terminates EXE Files

This weekend, we at TrendLabs came across a FAKEAV variant similar to the one peddled in the solar eclipse 2009 in America attack in this recent blog post. This one, however, introduces another new scare tactic (so far the latest new ploy we’ve seen is the ransomware/FAKEAV that encrypts files in the infected computer and offers a bogus fixtool for a price).

This FAKEAV variant terminates any executed file with an .EXE file extension and displays a pop-up message saying that the .EXE file is infected and cannot execute.


Click for larger view Click for larger view

This way, users are left with no choice but to activate the antivirus product since no other application works. This Trojan is detected by Trend Micro as TROJ_FAKEAV.B. It avoids terminating critical processes to prevent system crashes.

Unfortunately, cybercriminals work hard in creating so many gimmicks, that we can only guess what comes next in FAKEAV. Fortunately though, the Trend Micro Smart Protection Network provides users protection from such threats.

Post from: TrendLabs | Malware Blog - by Trend Micro

Rogue Antivirus Terminates EXE Files
27 de July de 2009 | Sin Comentar | Categoría malwares
Añadir un comentario 48 visitas, 1 Hoy |
  • No Related Post

.


Ultimas Entradas

Populares

Populares Hoy