TROJ_FAKEAV.EHM
Threat Scorecard
EnigmaSoft Threat Scorecard
EnigmaSoft Threat Scorecards are assessment reports for different malware threats which have been collected and analyzed by our research team. EnigmaSoft Threat Scorecards evaluate and rank threats using several metrics including real-world and potential risk factors, trends, frequency, prevalence, and persistence. EnigmaSoft Threat Scorecards are updated regularly based on our research data and metrics and are useful for a wide range of computer users, from end users seeking solutions to remove malware from their systems to security experts analyzing threats.
EnigmaSoft Threat Scorecards display a variety of useful information, including:
Ranking: The ranking of a particular threat in EnigmaSoft’s Threat Database.
Severity Level: The determined severity level of an object, represented numerically, based on our risk modeling process and research, as explained in our Threat Assessment Criteria.
Infected Computers: The number of confirmed and suspected cases of a particular threat detected on infected computers as reported by SpyHunter.
See also Threat Assessment Criteria.
| Threat Level: | 90 % (High) |
| Infected Computers: | 113 |
| First Seen: | November 2, 2012 |
| Last Seen: | July 16, 2022 |
| OS(es) Affected: | Windows |
TROJ_FAKEAV.EHM is a Trojan that installs a fake anti-virus program on the victim's computer. While these are among the most common kinds of malware threats today, TROJ_FAKEAV.EHM has caught the attention of PC security researchers because TROJ_FAKEAV.EHM is part of a new trend in rogue security software. With the gradual adoption of Windows 8 among computer users, criminals have started integrating this new operating system into their own fake security programs. Because of this, TROJ_FAKEAV.EHM will install fake security applications with names such as Win 8 Security System, Win 8 Security Suite 2013, or Win 8 Internet Security.
These kinds of bogus anti-virus programs are not difficult to recognize for what they are and are typically used to scam computer users that are not experienced. If you discover that a fake security program matching rogue anti-virus applications associated with TROJ_FAKEAV.EHM has been installed on your computer, you should use a reliable anti-virus program to scan your hard drives in order to remove TROJ_FAKEAV.EHM and its associated components completely.
Rogue security programs like Win 8 Security System that target a particular operating system are not uncommon. In the last several years, ESG security researchers have observed rogue security applications that target specific versions of Windows using words like XP, Vista or Win 7 in their titles. In fact, fake security programs named XP Security System, Vista Security System and Win 7 Security System all exist. While some of these may be associated with TROJ_FAKEAV.EHM, there are several families of malware responsible for these kinds of infections.
Rogue security applications installed by TROJ_FAKEAV.EHM are used to convince inexperienced computer users that the target computer is under attack. To do this, TROJ_FAKEAV.EHM causes the infected computer to display alarming error messages to convince the computer user to attempt to remove these nonexistent problems with the rogue security program. This leads to additional error messages urging the victim to upgrade their version or the rogue security application. Of course, this upgrade is not free and is just as useless as the non-upgraded version. TROJ_FAKEAV.EHM is often distributed using fake online malware scans (usually in the form of a Flash advertisement) or via spam email messages. To avoid a TROJ_FAKEAV.EHM infection, ESG security researchers advise staying away from websites typically considered unsafe and never downloading content without understanding where it comes from and what it is.
File System Details
| # | File Name |
Detections
Detections: The number of confirmed and suspected cases of a particular threat detected on
infected computers as reported by SpyHunter.
|
|---|---|---|
| 1. | %System%\drivers\{RANDOM CHARACTERS 2}.sys | |
| 2. | %Application Data%\{RANDOM CHARACTERS}.exe | |
| 3. | %Desktop%\Buy Win 8 Security System.lnk | |
| 4. | %Start Menu\Programs\Win 8 Security System\Buy Win 8 Security System.lnk | |
| 5. | %Start Menu\Programs\Win 8 Security System\Launch Win 8 Security System.lnk |
Submit Comment
Please DO NOT use this comment system for support or billing questions. For SpyHunter technical support requests, please contact our technical support team directly by opening a customer support ticket via your SpyHunter. For billing issues, please refer to our "Billing Questions or Problems?" page. For general inquiries (complaints, legal, press, marketing, copyright), visit our "Inquiries and Feedback" page.