Windows Security Center - FakeAV

Just to add further confirmation.

I just ran it on a fresh updated Win7x64 VM

CIS with AV fully in default config.
The AV Blocked it during extraction. Disabled AV.
Ran malware.exe

It removed completely the Security Center Service and Windows Defender Service.
It may have done more, those mentioned were all I looked for.


Did anybody test this malware against 5.8 beta?

The latest BETA should be defending against this now.

Thanks for letting us know. It’s what I assumed.