CertLock Trojan Blocks Security Programs by Disallowing Their Certificates

  • 8 June 2017
  • 1 reply
  • 383 views

Userlevel 7
Badge +52
A new trend in adware and unwanted program purveyors is to install protection software that makes it more difficult for Windows users to run their security programs and clean infections. This was seen with the SmartService rootkit that blocked AV software from running and now with a protection program being called CertLock.
 
Since the end of May, security forum helpers have noticed reports that people are not able to install and run security programs on their infected computers. When they try to run the programs, they are greeted with an alert that states that the publisher has been blocked from running on the computer.
 
It turns out that this is being caused by CertLock disallowing a security vendor's certificate on the affected computer so that Windows does not allow the program to run.
Full Article

1 reply

Userlevel 7
Very cunning and clever...the miscreants continue to surprise with their inventiveness. :@

Reply