Microsoft is warning users about a fake anti virus product named "Security Essentials 2010", near identical to the naming of the company's own protection software.
The fake software is actually the trojan Win32/Fakeinit. If a user installs the software then Fakeinit’s downloader installs a fake scanner component that monitors other processes and attempts to terminate them. In some cases, processes will be flagged as if they are infected. The trojan also lowers a number of security settings in the registry and changes the desktop background to an unchangeable multicoloured warning:
"Well, it had to happen eventually. One of the oldest tricks used by rogue antivirus products is to use a similar name as, or have a similar look and feel to, legitimate security software. It’s been commonplace for them to mimic the Windows Security Center. So it was inevitable that the day would arrive when a rogue would masquerade as something similar to Microsoft Security Essentials. If anything, it surprises me a little that it’s taken so long," said David Woods at Microsoft Security.
Microsoft confirmed its own genuine Security Essentials software removes the trojan. Security Essentials is designed to work on Windows XP, Vista and 7 and protects end users against virus threats and spy ware. MSE is Microsoft's free anti-virus and anti-spyware product that is set to replace Microsoft's paid Windows Live OneCare subscription service which was withdrawn earlier this year. Neowin exclusively revealed Security Essentials in June when it was codenamed "Morro".
The fake Security Essentials 2010 also prompts end users to activate and pay for a "full version". Microsoft's own Security Essentials is available free for download:
Download: Windows XP (32 bit)
Download: Windows Vista & Windows 7 (32 bit)
Download: Windows Vista & Windows 7 (64 bit)
Thanks to Shayla for the news tip
54 Comments - Add comment