Microsoft warns of malicious antivirus, 'Security Essentials 2010'

Over the past couple of years I've been contacted by clients saying they downloaded an Anti-Virus/Anti-Spyware program and found out that their PC is packed with viruses. Upon inspection I find out that the only malicious code present is the actual software they downloaded.

Microsoft announced on Wednesday that malware writers have created a malicious application with a name, look and feel similar to the company's legitimate security software (Microsoft Security Essentials), aimed mainly at inexperienced users. The fake antivirus is called "Security Essentials 2010" and contains the Trojan Win32/Fakeinit.


Once installed, the malware downloads and installs a fake scanner that monitors processes and terminates ones it doesn't like, claiming they are infected. It also lowers some security settings in the registry and changes the desktop background to display a warning, while modifying the registry to prevent the wallpaper from being altered.

 

 


Furthermore, it downloads and installs Win32/Alureon and another Layered Service Provider component, which monitors TCP traffic sent by Web browsers and blocks certain domains, displaying a message of its own instead. Naturally, the malware also requests that users pay for a subscription to use a "full version" of the software.
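As a defender-side illustration of the Layered Service Provider behaviour described above (an added example, not from the original article or from Microsoft), this Python code parses the text printed by `netsh winsock show catalog` and lists layered entries whose DLL sits outside `system32`. The sample output, the placeholder GUIDs, the `example_lsp.dll` path and the outside-`system32` heuristic are assumptions for illustration; the article does not say where this malware's component is installed.

```python
import re

# Constructed sample in the layout printed by `netsh winsock show catalog`.
# GUIDs are placeholders and example_lsp.dll is a made-up name.
SAMPLE = r"""
Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Base Service Provider
Description:                        MSAFD Tcpip [TCP/IP]
Provider ID:                        {00000000-0000-0000-0000-000000000001}
Provider Path:                      %SystemRoot%\system32\mswsock.dll
Catalog Entry ID:                   1001

Winsock Catalog Provider Entry
------------------------------------------------------
Entry Type:                         Layered Chain Entry
Description:                        Example LSP over [MSAFD Tcpip [TCP/IP]]
Provider ID:                        {00000000-0000-0000-0000-000000000002}
Provider Path:                      C:\Users\Public\example_lsp.dll
Catalog Entry ID:                   1015
"""

def parse_catalog(text):
    """Return one dict of 'Field: value' pairs per catalog entry."""
    entries = []
    # Each entry body follows a rule of dashes under its heading line.
    for block in re.split(r"^-{5,}[ \t\r]*$", text, flags=re.M)[1:]:
        fields = {}
        for line in block.splitlines():
            key, sep, value = line.partition(":")  # first colon only, keeps C:\ paths
            if sep and value.strip():
                fields[key.strip()] = value.strip()
        if "Entry Type" in fields:
            entries.append(fields)
    return entries

def layered_providers(entries):
    """Entries that are not base providers, i.e. LSPs and their chain entries."""
    return [e for e in entries if not e["Entry Type"].lower().startswith("base")]

def outside_system32(entry):
    """Heuristic (assumption): a provider DLL outside system32 deserves a look."""
    path = entry.get("Provider Path", "").lower().replace("/", "\\")
    return not re.match(r"^(%systemroot%|[a-z]:\\windows)\\system32\\", path)

if __name__ == "__main__":
    for e in layered_providers(parse_catalog(SAMPLE)):
        flag = "REVIEW" if outside_system32(e) else "ok"
        print(flag, e["Catalog Entry ID"], e["Description"], e["Provider Path"])
```

On a live machine, feed it the saved output of `netsh winsock show catalog`; a flagged entry is a lead for review, since legitimate products also install LSPs.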

There are several variants of this software. Before downloading any (anti-virus) software, make sure it is legitimate; if you are not sure, ask for help or simply download AVG Anti Virus.

If you are one of the unfortunate users who installed this "Application", see the complete guide on how to remove it at bleepingcomputer.
