A new Trojan is disguising itself as Microsoft’s no-cost antimalware program, Microsoft Security Essentials. It is known in the technical world of antimalware combat as “Win32/FakePAV”. FakePAV is a rogue that displays messages imitating Microsoft Security Essentials threat reports in order to entice the user into downloading and paying for a rogue security scanner. The rogue persistently terminates numerous processes, such as Windows Registry Editor, Internet Explorer, Windows Restore and other utilities and applications.

This fake software is distributed by a tactic commonly described as a “drive-by download” and shows up as a hotfix.exe or mstsc.exe file. After the fake Microsoft Security Essentials software reports that it cannot clean the claimed malware infection, it offers to install additional antimalware rogues (with names such as AntiSpySafeguard, Major Defense Kit, Peak Protection, Pest Detector and Red Cross). Lastly, this fake program will try to scare you into purchasing a product.

This software is a fake. Do not be fooled by this scam. This malware can potentially cause consumers and small business owners harm.

Once the simulated scan by this fake software completes, it will claim a solution was found and list products that can ‘clean’ the system (the listed products are fake removal tools). So anything mimicking Microsoft Security Essentials but asking for any sort of payment is clearly up to no good.


If you believe your machine has become infected, we encourage you to use Microsoft Security Essentials to check your PC for malware and to help remove it from your system.

Get virus-related assistance at no charge from Microsoft here: http://www.microsoft.com/protect/support/default.mspx.

For more information on FakePAV, please visit our encyclopedia entry at http://www.microsoft.com/security/portal/Threat/Encyclopedia/Entry.aspx?Name=Rogue%3aWin32%2fFakePAV. It contains a lot of information that may help answer questions about this rogue.

And remember: Microsoft does not charge for Microsoft Security Essentials. You can find the legitimate version of Microsoft Security Essentials at http://www.microsoft.com/security_essentials.
