Misleading applications use various techniques such as fake security scans or exaggerated “malware found” reports to scare users to purchase their so-called solutions. To take this to next step, one such example of a misleading app—called “System Security”—is forcing users to purchase it because it can render a system nearly unusable. Once System Security is installed on a machine it terminates most of the active user processes such as Firefox, antivirus programs, Acrobat Reader, and others. Internet Explorer is spared from this list.
If the user tries to run Task Manager, antivirus software, or any other executable binary except Internet Explorer, this misleading application reports that the respective binary is infected and blocks...
Misleading applications, also known as rogue antispyware applications, use various techniques such as misleading task bar notifications, popup windows, and fake security scans to attempt to scare users into believing they will need to purchase the “protection” offered by the misleading apps. We have observed a new technique being used by misleading applications, one that involves asking users to pay for software from popular vendors.
As is typical with misleading applications, when executed, a fake security warning is initially displayed:
Then, a fake system scan is conducted and non-existent threats are reported on the system:
