Tag: FakeAV

Fake Antivirus “Security Tool” terminating new processes

This fake antivirus software calling itself “Security Tool” intercepts binary files at the point of execution terminates it. Weather it be a bat, com or exe extension the fake av terminates them upon execution. This can be very frustrating when trying to remove this malware on a standalone machine. Fortunately not all processes get terminated;…


Fake Antivirus “XP Guardian 2010” exe hijacking

Another fake antivirus software calling itself “XP Guardian 2010” is doing its rounds displaying bogus pop-ups and fake scans enticing you to buy its product. What is interesting about this malware is that this one changes the machine exe associations in the Windows registry. When any executable with an exe extension is manually or automatically…