Users may encounter this kind of threat when they visit Web sites that attempt to convince them to remove non-existent malware or security risks from their computers by installing the bogus software. The Trojan can also be installed by other malware, drive-by downloads, and when downloading and installing other software.
Misleading Application - Applications that intentionally misrepresent the security status of a computer. These applications typically masquerade as security notifications about any fake infections that must be removed.
Rogue Security Software - A type of misleading application (also known as scareware) that pretends to be legitimate security software, such as an antivirus scanner or registry cleaner, but which actually provides the user with little or no protection whatsoever and, in some cases, can actually facilitate the installation of malicious code that it purports to protect against. Commonly, rogue security software claims that the programs can remove unwanted applications such as spyware or adware. Not only do these scams cheat users out of money by charging for their fraudulent product, but the personal and credit card information that users provide to register these fake products could also be used in additional fraudulent activity.
Trojan.FakeAV - A detection for Trojan horse programs that intentionally misrepresent the security status of a computer. These programs attempt to convince the user to purchase software in order to remove non-existent malware or security risks from the computer. The user is continually prompted to pay for the software using a credit card. Some programs employ tactics designed to annoy or disrupt the activities of the user until the software is purchased.
If you are unable to find the suspicious threat file(s), the Threat Analysis Scan built into SymHelp is designed to complement mainline antivirus applications by detecting and remediating specific types of threats:
Please see the following Knowledge Base Article for additional information:
If you use the Symantec Endpoint Protection Manager to manage SEP clients, consider the following articles:
Additional articles with excellent information and valuable links to podcasts, blog posts, videos and other resources on the topic.