Fake Microsoft Security Essentials 2010 Detected

According to security researchers, they have just uncovered a phony antivirus program called "Security Essentials 2010." Apparently, the perpetrators copied insignificant parts of a real Microsoft security program so that they could make their own software appear genuine.

The researchers stated that it was common to find fake antivirus software resembling genuine security software in terms of feel and look. They even used the labels of genuine security programs, the experts said.

Security Essentials 2010 represents fake anti-spyware software. Moreover, it is a predecessor of other bogus software such as Internet Security 2010, XP Internet Security 2010, Vista Internet Security 2010, Vista Guardian 2010, and Antivir 2010.

The researchers explain that to install Security Essentials 2010 on anybody's PC, a Trojan installer is used via phony downloads for video codecs. When this Trojan installs itself on the PC, Security Essentials 2010 starts running at Windows startup. Subsequently, the rogue anti-spyware falsely begins scanning the PC and shows fake security alerts so that the user gets scared and agrees to buy the complete edition of Security Essentials 2010.

When Security Essentials 2010 is loaded, the software will become active automatically immediately as the user accesses Windows. In case, the user attempts to eliminate the security threats through Security Essentials 2010, it will prompt him to first buy the software.

David Wood, Researcher at Microsoft, disclosed that the software was actually Trojan:Win32/Fakeinit, which contaminated Windows computers, as reported by Softpedia on February 25, 2010.

Wood further said that in addition to loading the bogus system scanner, 'Fakeinit' also keeps track of other processes running on the system and deactivates those it regards as obstacles. Besides, it weakens several security configurations within system registry and alters the desktop background where an alarming message appears. Additionally, it customizes the registry; therefore, this background remains unchanged, the researcher added.

It is therefore advisable that computer users remain careful of this rogueware, which is intended to frighten them into believing that malware has infected their systems. This is really to scam them and make them buy the program. Thus, users shouldn't get carried away with the fraud, the security experts recommended.

Related article: Fake Spam Mail Announces Australian PM’s Heart Attack

» SPAMfighter News - 3/6/2010