Beware of fake Security Essentials software


Beware of fake Security Essentials software

Cliff Saran

Microsoft has warned users to be wary of sites promoting fake versions of its free Security Essentials anti-malware software.

In a blog posting on its Technet developer site, the company said, "One of the oldest tricks used by rogue antivirus products is to use a similar name as, or have a similar look and feel to, legitimate security software. It has been commonplace for them to mimic the Windows Security Center. So it was inevitable that the day would arrive when a rogue would masquerade as something similar to Microsoft Security Essentials."

The fake product, called "Security Essentials 2010", installs a fake scanner component, which monitors Windows running processes and attempts to terminate the ones it does not like, claiming that they are infected. The user is prompted to pay money to register the software to remove the non-existent threats.

Additionally, it lowers a number of security settings in the registry and changes the desktop background to display a message stating, "Your computer is infected."

The fake anti-virus software also blocks access to web pages on a number of genuine anti-malware sites, including:

Trojan.FakeAlert.AUW (BitDefender)

Win32/FakeAV.ABR (CA)

Fraudtool.XPAntivirus.BCVY (VirusBuster)

Adware/AntivirusXPPro (Panda)

AntiVirus2008 (Symantec)

Win32/AdvancedVirusRemover.G (CA)

FakeAlert-KS.a (McAfee)

W32/FakeAlert.BRQF (Norman)

Trojan.Fakealert.12876 (Dr.Web)

Win32/TrojanDownloader.FakeAlert.AED (ESET)

Trojan-Downloader.Win32.Fakeinit (Ikarus)

FakeAlert!eh (McAfee)

Mal/FakeAV-BW (Sophos)

Trojan.FakeAV!gen18 (Symantec)


Email Alerts

Register now to receive IT-related news, guides and more, delivered to your inbox.
By submitting your personal information, you agree to receive emails regarding relevant products and special offers from TechTarget and its partners. You also agree that your personal information may be transferred and processed in the United States, and that you have read and agree to the Terms of Use and the Privacy Policy.

COMMENTS powered by Disqus  //  Commenting policy