English Deutsch Español Français Italiano Portuguese Čeština Ελληνικά 中文(简体) 中文 (繁體) Tiếng Việt 日本語 ภาษาไทย Русский Български Nederlands Polski Svenska Norsk Dansk Suomi

McAfee Secure sites help keep you safe from identity theft, credit card fraud, spyware, spam, viruses and online scams

Compatible with Windows 7

Works with Windows Vista

SPAMfighter is

Microsoft Gold Certified Partner

Microsoft Detect Two New Bogus Windows Antivirus Software

According to security news reported by SOFTPEDIA on December 18, 2008, Microsoft, along with the Washington Attorney General Office, has started taking legal actions against makers of fake antivirus products. It is also fighting with a new infection targeting its operating systems by installing single piece of malicious code at a time.

Reports stated that two new fake antivirus families, Win32/Yektel and Win32/FakeXPA, have been added to Microsoft's signatures list this month. Both the families have been put on top of Win32/FakeSecSen identified by Microsoft in the month of November 2008.

After one week of releasing MSRT (Malicious Software Removal Tool) November 2008 figures, the prevalence level of Win32/FakeXPA was recorded at a lower level than Win32/FakeSecSen. Moreover, Win32/FakeSecSen was eliminated from 994,061 computers. According to security experts at Microsoft, Win32/FakeXPA generally downloads a number of components and each installation consists of a Control Panel applet (.CPL) and an executable (.EXE). The function of .CPL is launching EXE.

Security researchers said that both the fake antivirus, Win32/FakeSecSen and Win32/FakeXPA, exhibit signs that they are running, although it is not clear if they are fake. Unfortunately, both of them act like legitimate software in several ways. For instance, they contain full GUIs (Graphical User Interface) that provide them real look and feel of authentic security products. But the good thing about them is that they are easy to disable while running unlike other malicious software.

For instance, an infected user can identify Win32/FakeXPA EXE just by following "Antivirus 2009" shortcut available on the desktop. Hence, manual elimination of the malware is easier than other malware.

Moreover, it should not surprise anyone that Win32/Yektel largely overlaps Win32/FakeXPA or vice versa. Microsoft cleaned nearly 61,439 machines containing both the malware. In contrast, 107,459 machines in total were cleaned from malware Win32/Yektel, showing that a large proportion of cases include Yektel malware in isolation.

Meanwhile, Microsoft security experts stated that creators of Win32/FakeSecSen have found new methods of money making. This is evident from a dramatic fall in Win32/FakeSecSen removal cases in December 2008 and no new variant of it has been detected for past some time.

» SPAMfighter News - 02-01-2009

Bookmark and Share
Twitter Facebook RSS

SPAMfighter box shot

SPAMfighter is a free spam filter for Outlook, Outlook Express,Windows Mail and Thunderbird

Optimize Slow PC

Optimize your Slow PC for better performance. Try FREE scan now

Exchange spam filter

SPAMfighter Exchange Module is a Spam filter for Exchange server - Free 30 days trial

 

Spyware remover

Remove Spyware with SPYWAREfighter - Free 30 days trial


anti virus

Antivirus software for your Windows PC - Free 30 days trial

<<<>>>