Windows Security Suite FAKE

Softman · ‎11-05-2010

A new email seems to be doing the rounds at the moment from DHL (possibly from any carrier) that state they tried to deliver a package but no one was available to receive it, so please open the attached form and fill it in to have it delivered again.

Now most of us know that this is spam and any attachment to an email like this is dangerous, but our poor receptionist thought it was legitimate and opened it.

Now I have had dealing with this malware before using Malwarebytes to remove it is relatively easy, but I am annoyed that Trend Micro Antivirus system (version 3.6 build 1095) we have installed let this one in let alone install and run.

Is Trend doing anything about this?

What’s the point of having a flagship antivirus system if you also have to buy malware software to protect your pc’s

Or am I doing something wrong?

herny08 · ‎06-09-2010

Dear Softman,

May I know what Anti-virus name and version intalled on your desktop environment?

The reason I ask is that we have current technology the can deal with preventing this type of malware to execute on the system.

You may refer to this link below, choose what product you have and check out behavior monitoring options

http://esupport.trendmicro.com/pages/How-to-configure-OfficeScan-for-best-protection-against-malware...

Similar to malware bytes, we also have tools to combat rogue or fakeav infection on the system. You may check out FakeAVremover tool that can be downloaded on the link below.

ftp://ftp-download.trendmicro.com/customer/fakeavremover

userid: ftpuser

password: ftp-trend

Let me know how it goes...

~Herny08

I am a Trend Micro employee. My comments and advice come from my personal knowledge and experience. I’m happy to volunteer what I can to help others have a great Trend Micro experience.

SusanW · ‎08-11-2009

We're following this issue over here: http://community.trendmicro.com/t5/Malware-Discussions/Is-this-an-actual-threat/m-p/17946#U17946

Softman · ‎11-05-2010

Thank you for replying, checked out what you have wrote and applied the recommendations, also downloaded your tool just in case this happens again.

I was impressed to see two Trend Micro responses so have now signed up an downloaded TITANIUM Maximum security for home use as I have had one of my daughters downloading this malware from the internet via a site that popped a window up that stated ‘The web page has a virus, click here to remove it’ D’oh

Just one thing on Titanium bought the 3 pc pack but could not find how to add one more pc to it.

So there you go, your responses created a sale take commission quick ;-)

herny08 · ‎06-09-2010

Dear Softman,

It sounds great! Thank you very much! we're glad to know that we're able to help you out

~Herny08

I am a Trend Micro employee. My comments and advice come from my personal knowledge and experience. I’m happy to volunteer what I can to help others have a great Trend Micro experience.

Softman · ‎11-05-2010

Just a quick update, I think this is being trapped now look at this

09/11/2010 09:01:57

ENGINEERING3

TROJ_BREDOLAB.DM

f1011090031101AAA.txt (DHL_mailing_label\DHL_mailing_label.exe)

E:\spool\AnEmailAddress\julie\

Thanks for all your help

Business Security Forum

Windows Security Suite FAKE

Re: Windows Security Suite FAKE

Re: Windows Security Suite FAKE

Re: Windows Security Suite FAKE

Re: Windows Security Suite FAKE

Re: Windows Security Suite FAKE