Windows MSRT Protects Against MSE Rogues

Article by George Norman (Cybersecurity Editor)

on 11 Nov 2010

Windows Malicious Software Removal Tool (MSRT) is a handy utility that checks the Windows operating system for infections by specific, prevalent malicious software. Every Patch Tuesday, when Microsoft rolls out patches and fixes for its products, it also updates MSRT. This month, as part of the November '10 Patch Tuesday, the Redmond-based software giant updated MSRT so that it can tackle rogues that impersonate Microsoft Security Essentials (MSE). Imposters that claim to be MSE are classified by Microsoft as Win32/FakePAV.

“We've seen a few rogue security programs use elements of legitimate security software in order to try to make themselves appear more authentic,” commented Hamish O'Dea on behalf of the Microsoft Malware Protection Center. “It was inevitable that Microsoft Security Essentials would be the target of this kind of mimicry. While some rogues have simply copied Security Essentials' name, others have gone further by imitating elements of the Security Essentials user interface. By far the most prevalent of these is Win32/FakePAV, which is this month's addition to the MSRT family list.”

Back in September we reported that Sophos, a company that specializes in providing antivirus, anti-spam, spyware removal software, network and internet security, data protection, and computer security solutions, uncovered a Trojan that impersonates Microsoft Security Essentials (MSE). Classified by Sophos as Troj/FakeAV-BTN, the Trojan displays a phony Microsoft Security Essentials alert that says a dangerous file identified as Unknown Win32/Trojan has been uncovered. It then claims not to be able to remove the threat, asks the user to “scan online” for a solution, and finally presents the user with 5 phony security software solutions that are supposedly capable of removing the infection.

The MSE-impersonating rogue once again made the headlines this October, when Eric Foster, Group Communications Manager with Microsoft, issued a warning that fake MSE software is on the loose.

“FakePAV is a rogue that displays messages that imitate Microsoft Security Essentials threat reports in order to entice the user into downloading and paying for a rogue security scanner,” said Foster at the time. “The rogue persistently terminates numerous processes such as Windows Registry Editor, Internet Explorer, Windows Restore and other utilities and applications. This software is a fake. Do not be fooled by this scam. This malware can potentially cause consumers and small business owners harm.”

MSE has been around for more than a year now, offering properly good protection free of charge to Windows users who do not want to or simply cannot afford a paid security software solution. This September, when Microsoft celebrated MSE’s 1st anniversary, the Redmond-based software giant showcased just how good MSE really is. Here’s the lowdown:
  • Microsoft Security Essentials detected nearly 400 million threats in its first year on the market.
  • Virus Bulletin (a highly reputable testing organization in the industry whose goal is to measure the detection effectiveness and quality of antivirus products) gave MSE a VB100 award this August.
  • AV-TEST (an independent antivirus research and data security organization) said that MSE passed its test and received an AV-Test certificate – also this August.
  • Microsoft Security Essentials is certified by International Computer Security Association Labs (ICSA) and West Coast Labs, two of the industry’s leading independent certification authorities.
  • Microsoft Security Essentials received the PC Advisor Awards 2010 - Best Free Software award and is rated by Consumer Reports as a “Best Buy”.


