Foreign media reports: Win7 users should be alert to fake anti-virus software

According to foreign media reports, the PandaLabs blog recently pointed out that the new Scareware software can be disguised as a Windows 7 application. Unlike general Scareware, computer criminals have optimized the look of Scareware software to look very similar to Microsoft's latest Windows 7 operating system interface.

According to reports, Scareware is also known as Rogueware, or directly called fake anti-virus software. It is a legitimate application that induces web users to purchase or download useless licenses, even malware that is harmful to the computer.

The new Scareware software perfectly replicates the Windows 7 window interface, but it's actually a fake anti-virus software.

It should be noted that this is an executable program. The user cannot click on the seemingly normal threat prompt window that pops up on the web page. Scareware software does not really scan the system, so it does not trigger the UAC prompt for Windows 7. In general, Scareware will extrude infected users by encrypting user files, requiring users to purchase licenses to decrypt encrypted files. Its sole purpose is to defraud the user's money.

In this case, regular anti-virus software does not necessarily detect it unless it is a signed Scareware. If it is automatically installed after the system is rebooted, it will trigger a UAC prompt. As a well-developed EXE program, this program can (in theory) change its interface according to the version of Windows. It may look very much like a Windows 7 program, or it may be like Vista and XP programs.

It is also reported that once the user executes this software, scareware will not only prevent users from loading legitimate security software, but also prevent users from obtaining the latest security data updates. In addition, system tools and third-party applications will be blocked from deleting themselves.