Explanation: Trojan FakeAV is a name given by security expert Trend Micro for rogue security software. Trend Micro identifies these malicious programs as those that pretend to be legitimate system security programs to trick the user into making some form of payment. In the process, the Trojan FakeAV gains access to the user’s credit card information. Normally, Trojan FakeAV applications propagate through the internet by using a number of methods:
- Social Engineering – users are tricked into installing the software, as it pretends to come from a legitimate source.
- Trojan viruses – these viruses enter the user’s computer along with other fake applications such as browser plug-ins, video/audio codecs, free online malware scanners or e-mail attachments. Once they have entered the system, they automatically download and install Trojan FakeAV.
- SEO poisoning techniques – Search Engine Optimization (SEO) takes advantage of the algorithms and functions used by popular web search engines in order to push a certain website up in search result rankings. These methods are also used by rogue software vendors, who place their URLs at the top of the search results for important queries such as recent news events. When users click on these URLs, the browser is redirected to a page that pushes a trial version of the Trojan FakeAV onto the user’s computer.
Once a Trojan FakeAV has established itself on a user’s system, it will normally load itself as a service and run all the time. It will also generate fake security warnings that the user’s system is under threat in various ways. The Trojan FakeAV will also disable any system utilities such as Task Manager, Registry Editor and System Restore that could be used to uninstall it, as well as completely disabling any legitimate security software that the user has already installed on the computer. The Trojan FakeAV may also create actual malware on the computer and point it out to the user as a threat, or create harmless files and point them out as threats, or simply point out useful and harmless system files as threats. It will perform these actions in the most attention-grabbing way, using system features such as taskbar pop-ups, desktop scans, etc. Other symptoms may include the user’s desktop background being changed, Windows error screens (blue screens), and an error being displayed below the Windows logo when Windows boots up.
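A defender can check for the disabled-utilities symptom described above by looking at the Windows policy registry values that turn these tools off. The following is an added example, not code from Trend Micro or the original page; it assumes the utilities were disabled through the standard policy values `DisableTaskMgr`, `DisableRegistryTools` and `DisableSR` (the page does not say which mechanism a given sample uses), and it runs on a constructed registry export.

```python
import re

# Standard Windows policy values that switch off the tools named above.
# Assumption: the page does not say which mechanism a given sample uses.
WATCHED = {
    (r"software\microsoft\windows\currentversion\policies\system", "disabletaskmgr"): "Task Manager",
    (r"software\microsoft\windows\currentversion\policies\system", "disableregistrytools"): "Registry Editor",
    (r"software\policies\microsoft\windows nt\systemrestore", "disablesr"): "System Restore",
}

KEY_RE = re.compile(r"^\[(HKEY_[A-Z_]+)\\(.+)\]$")                # [HIVE\sub\key]
DWORD_RE = re.compile(r'^"([^"]+)"=dword:([0-9a-fA-F]{8})$')      # "Name"=dword:00000001

def disabled_tools(reg_text):
    """Return sorted (tool, hive, value_name) tuples for watched policies set non-zero."""
    findings, hive, subkey = [], None, None
    for raw in reg_text.splitlines():
        line = raw.strip()
        m = KEY_RE.match(line)
        if m:
            # Registry paths are case-insensitive, so compare in lower case.
            hive, subkey = m.group(1), m.group(2).lower()
            continue
        m = DWORD_RE.match(line)
        if m and subkey is not None:
            tool = WATCHED.get((subkey, m.group(1).lower()))
            if tool and int(m.group(2), 16) != 0:
                findings.append((tool, hive, m.group(1)))
    return sorted(findings)

# Constructed sample in .reg export format, not taken from a real infection.
SAMPLE = r'''Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=dword:00000001
"DisableRegistryTools"=dword:00000001

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows NT\SystemRestore]
"DisableSR"=dword:00000000
'''

if __name__ == "__main__":
    for tool, hive, name in disabled_tools(SAMPLE):
        print(f"{tool} disabled by policy: {hive} value {name}")
```

Files written by `reg export` are UTF-16 encoded, so decode them before passing the text in. A hit is only a lead: administrators also set these policies legitimately, so confirm against the machine's expected configuration.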
The culmination of all this activity occurs when the Trojan FakeAV requests some sort of monetary payment to be made by the user. Usually, this is done by claiming that the currently installed ‘trial’ version of the Trojan FakeAV is incapable of removing the previously detected false ‘threats’, and so the user should pay for a license to the ‘full’ version of the software. Other methods include promoting another Trojan FakeAV that can apparently ‘do the job better’ or ‘perform housekeeping tasks on the system’. Another gimmick is to claim that if the user buys the ‘full’ version, the vendor will donate a small sum to some charitable cause such as environmental protection. However, none of the statements made by the Trojan FakeAV are true at any point.