Show

Microsoft warns of fake "Security Essentials 2010" anti-virus software

Tom Warren
26 February 2010 - 08:30
57 Comments
Liked this (0)

Microsoft is warning users about a fake anti virus product named "Security Essentials 2010", near identical to the naming of the company's own protection software.

The fake software is actually the trojan Win32/Fakeinit. If a user installs the software then Fakeinit’s downloader installs a fake scanner component that monitors other processes and attempts to terminate them. In some cases, processes will be flagged as if they are infected. The trojan also lowers a number of security settings in the registry and changes the desktop background to an unchangeable multicoloured warning:

"Well, it had to happen eventually. One of the oldest tricks used by rogue antivirus products is to use a similar name as, or have a similar look and feel to, legitimate security software. It’s been commonplace for them to mimic the Windows Security Center. So it was inevitable that the day would arrive when a rogue would masquerade as something similar to Microsoft Security Essentials. If anything, it surprises me a little that it’s taken so long," said David Woods at Microsoft Security.

Microsoft confirmed its own genuine Security Essentials software removes the trojan. Security Essentials is designed to work on Windows XP, Vista and 7 and protects end users against virus threats and spy ware. MSE is Microsoft's free anti-virus and anti-spyware product that is set to replace Microsoft's paid Windows Live OneCare subscription service which was withdrawn earlier this year. Neowin exclusively revealed Security Essentials in June when it was codenamed "Morro".

The fake Security Essentials 2010 also prompts end users to activate and pay for a "full version". Microsoft's own Security Essentials is available free for download:

Download: Windows XP (32 bit)
Download: Windows Vista & Windows 7 (32 bit)
Download: Windows Vista & Windows 7 (64 bit)

Thanks to Shayla for the news tip

Comments (57)

  1. freeeekyyy - 26 February 2010 - 08:38

    Must be a slow day at neowin. These things are never surprising. I'll bet it was created by the same people who did antivirus xp and vista antivirus.

  2. Pam14160 - 26 February 2010 - 08:49

    Slow day or not; this is good information for those who may just mistake the Security Essentials 2010 for Microsoft Security Essentials. This is the type of information that Neowin needs to be putting out to those are not as computer intelligent as you may be.

    Thank You Neowin for this important information.

  3. badblood - 26 February 2010 - 08:50

    freeeekyyy said,
    Must be a slow day at neowin. These things are never surprising. I'll bet it was created by the same people who did antivirus xp and vista antivirus.

    Just becuase this is common practice doesn't mean it's a slow news day. I use MSE, but others who are less IT literate might just assume it's the same thing.
    I found this an interesting read, not that it enlightened me about the practice of the malicious IT people out there, as I know that it happens.

    I second the thank you to Neowin.

    Edit (badblood, 26 February 2010 - 08:51):

  4. +Beastage - 26 February 2010 - 08:51

    freeeekyyy said,
    Must be a slow day at neowin. These things are never surprising. I'll bet it was created by the same people who did antivirus xp and vista antivirus.

    Actually I am still surprised how many people fall for this after all the guides, news and information they get to avoid this.

    You have no idea how many laptops we clean at work from this mess.

  5. Billus - 26 February 2010 - 12:19

    Beastage said,

    Actually I am still surprised how many people fall for this after all the guides, news and information they get to avoid this.

    You have no idea how many laptops we clean at work from this mess.

    Yea dude, not everyone reads the IT section of the newspaper, there are many more important things to worry about. Besides, technology reports in everyday papers is just horrendous, basically a bunch of Apple iPhone reports and how they've revolutionized the market, not surprised that many get hoodwinked by this.

  6. war - 26 February 2010 - 19:52

    Beastage said,

    Actually I am still surprised how many people fall for this after all the guides, news and information they get to avoid this.

    You have no idea how many laptops we clean at work from this mess.

    Not surprising to me at all. Your typical user is a complete idiot. Your typical user is not smart enough to know he/she should be downloading Security Essentials directly from microsoft.com.

    They instead use a crappy search engines, via a toolbar he/she installed to find anti-virus. But of course the search results are filled with spyware pages. After all the idiot installed the toolbar.

    Edit (war, 26 February 2010 - 19:53):

  7. jesseinsf - 28 February 2010 - 22:45

    Beastage said,

    Actually I am still surprised how many people fall for this after all the guides, news and information they get to avoid this.

    You have no idea how many laptops we clean at work from this mess.


    But when dumb people do illegal downloading and they open what they downloaded, they would most likely get infected. I believe half of this so called "Scareware" comes from downloading illegal/pirated stuff.

  8. Cat Fluid - 01 March 2010 - 02:31

    jesseinsf said,

    I believe half of this so called "Scareware" comes from downloading illegal/pirated stuff.

    Do you have sources to substantiate your opinion? You do realize that you're calling a criminal anyone who ends up with malware. That's a very ignorant view.

  9. Captain555 - 01 March 2010 - 17:57

    jesseinsf said,
    I believe half of this so called "Scareware" comes from downloading illegal/pirated stuff.

    I agree with Cat Fluid, that's not a very educated statement. From my experience in my repair shop, when people bring a PC with these fake AV, it's almost all the time from free porn site. Some will warn me right up front, but I can always find evidence in the explorer cache.

  10. tensegrity - 26 February 2010 - 09:06

    Are the download links to the fake or real antivirii software, they aren't labeller so it's hard to tell?

  11. +StevenNT - 26 February 2010 - 09:30

    tensegrity said,
    Are the download links to the fake or real antivirii software, they aren't labeller so it's hard to tell?

    Look more closely at the last part of the last paragraph which says the following "Microsoft's own Security Essentials is available free for download" and the download links point to microsoft.com so yes they are genuine links to the real MSE product.

    Edit (StevenNT, 26 February 2010 - 09:31):

  12. GreyWolf - 26 February 2010 - 19:52

    tensegrity said,
    Are the download links to the fake or real antivirii software, they aren't labeller so it's hard to tell?

    We wouldn't post the link to the malware. :)

  13. war - 26 February 2010 - 19:54

    tensegrity said,
    Are the download links to the fake or real antivirii software, they aren't labeller so it's hard to tell?
    Simply move your mouse over the link and look in the status bar and it shows you they are links to microsoft.com .

    So you just blindly click on links do you? So typical!

    Edit (war, 26 February 2010 - 19:54):

  14. CoolBits - 26 February 2010 - 09:11

    uff again windows only - software...

    /jk :)

  15. war - 26 February 2010 - 19:54

    CoolBits said,
    uff again windows only - software...

    /jk :)

    Get over yourself. ;)

  16. TRC - 26 February 2010 - 09:30

    It's really sad that people who have the skills to write these fake antivirus programs don't use it for something honest and productive instead of being scumbags. Though they probably live in third world holes in the ground where there are no jobs.

    Edit (TRC, 26 February 2010 - 09:30):

  17. cork1958 - 26 February 2010 - 11:13

    TRC said,
    It's really sad that people who have the skills to write these fake antivirus programs don't use it for something honest and productive instead of being scumbags. Though they probably live in third world holes in the ground where there are no jobs.

    You mean they probably live in Michigan where there are no jobs because Jenny has finally fulfilled her promise to blow us away, if elected!

  18. RealFduch - 26 February 2010 - 11:15

    TRC said,
    It's really sad that people who have the skills to write these fake antivirus programs don't use it for something honest and productive instead of being scumbags. Though they probably live in third world holes in the ground where there are no jobs.

    The sad part is that good honesty and hard working is not paying off nowadays. But lying is highly praised and profitable. Just look at Apple's smugness.

  19. war - 26 February 2010 - 19:56

    TRC said,
    It's really sad that people who have the skills to write these fake antivirus programs don't use it for something honest and productive instead of being scumbags. Though they probably live in third world holes in the ground where there are no jobs.
    That's because it pays the bills. Unlike being honest which takes a lot of hard work and mostly likely you end up broke or worse in debut in the end.

  20. +what - 26 February 2010 - 09:59

    Unfortunately, the people reading this site aren't the sort of people that will have problems with this kind of thing. It's the uneducated PC users that need this kind of information.

Please Log In or Register to post a comment.