Fake Microsoft Security Essentials Program Making the Rounds


Top 10 Contributor
Posts 26,097
Points 1,183,565
Joined: Sep 2007
ForumsAdministrator
News Posted: Mon, Oct 25 2010 10:14 AM

Security firm F-Secure is warning that a malicious program spoofing Microsoft's free Microsoft Security Essentials antivirus program is being distributed via drive-by download as either hotfix.exe or mstsc.exe.

"Not only does this fake tool steal Microsoft's brand, it also features a bizarre matrix display of 32 antivirus products, offering to locate you a tool that would be capable of fixing your machine as 'Microsoft Security Essentials' can't clean the malware it found," F-Secure said. "In reality, this is all fake, and the tool has not found an infection in the file it claims."


Seen this screen lately? If so, you have a fake AV running amok on your system.

The tricky install then tells users that the only programs able to clean out the infection are AntiSpySafeguard, Major Defense Kit, Peak Protection, Pest Detector, and Red Cross. Savvy HotHardware readers already know what these all have in common -- they're all fake AV scanners -- but for an inexperienced user, the alerts look legit. Now would be a good time to call/email your folks and offer up a reminder about safe computing habits.

Top 10 Contributor
Posts 8,622
Points 103,905
Joined: Apr 2009
Location: Shenandoah Valley, Virginia
MembershipAdministrator
Moderator
realneil replied on Mon, Oct 25 2010 8:43 PM

With my free AVAST, I don't see this kind of crap.

Dogs are great judges of character, and if your dog doesn't like somebody being around, you shouldn't trust them.

Not Ranked
Posts 43
Points 530
Joined: Oct 2010
Location: Calgary, Alberta, Canada
BMAN replied on Tue, Oct 26 2010 7:06 AM

With the authentic MSE, this page would never (and doesn't) come up.

system specs

Intel i5 3570***, ASUS Sabertooth Z77, Corsair AX850, 16GB Corsair Vengeance DDR3, Corsair Force 3 Series GT  SSD (120GB), WD VelociRaptor (300GB), water-cooled HIS Radeon HD7950, AZZA Genesis 9000, EKWB Supremacy CQ CPU block, XSPC RX360, EKWB-DCP 4.0 pump, Windows 7 H.P. - 64 bit

Not Ranked
Posts 1
Points 5
Joined: Oct 2010
ABokor replied on Tue, Oct 26 2010 3:19 PM

Just use a Mac.

Top 10 Contributor
Posts 5,053
Points 60,715
Joined: May 2008
Location: U.S.
Moderator
3vi1 replied on Tue, Oct 26 2010 4:00 PM

So... you trust Microsoft for a security solution that's supposed to catch all the stuff that was missed by... the manufacturer of the OS?

I wonder why this stuff isn't just built into the OS? Oh right, they'd rather have people using pirated, virus-infested copies than have anyone actually try the competition. The whole thing about MSE is that you have to "get genuine" before you can install it.

What part of "Ph'nglui mglw'nafh Cthulhu R'lyeh wgah'nagl fhtagn" don't you understand?

++++++++++++[>++++>+++++++++>+++>+<<<<-]>+++.>++++++++++.-------------.+++.>---.>--.

Top 500 Contributor
Posts 216
Points 2,135
Joined: Mar 2010
SmogHog replied on Fri, Nov 5 2010 5:56 AM

There's a free program called Remove Fake AntiVirus that can remove about 70 of these fakes at last count.

Some of them are quite difficult to remove.

Many AV programs are good at detection but not at complete removal.

Not Ranked
Posts 23
Points 175
Joined: Nov 2010
Sure that's not a trojan itself? The problem is that many AV programs can't clean all viruses.
Top 10 Contributor
Posts 8,622
Points 103,905
Joined: Apr 2009
Location: Shenandoah Valley, Virginia
MembershipAdministrator
Moderator
realneil replied on Thu, Dec 30 2010 6:18 PM

What I said above...

WWW.AVAST.COM

Dogs are great judges of character, and if your dog doesn't like somebody being around, you shouldn't trust them.

Not Ranked
Posts 3
Points 45
Joined: Feb 2011

Live Messenger can certainly be used to spread it if you're not careful with clicking on links and downloading files - just like other trojans and malware. It's just another way into your system. I don't know if it is the primary means of spreading at the moment - others will need to answer that (if it is known).
