Some of you may remember the 2010 version of the fake Microsoft Security Essentials. In the last a totally new Aero styled twist to the previously known "protector.exe" trojan dropper that saw the fake SE or Windows Doctor scamware placed on your system has a new cousin to watch out for!
This latest malware will easily slip past any effect web guard as well as just about any AV program! The user will unwittingly expose themselves to this by whatever form disguises it to begin with.
The now called "protector-xfg.exe" trojan dropper downloads several trojans along with a fake "Security Essentials - Windows Defender". Note that when trying to bring up the Task Manager to find out what process is new in order to end it, you will find the SE along with a "Windows Process Manager", which basically takes over the Task Manager entirely, preventing the disabling of the scamware as well as the protector-xfg.exe trojan dropper.
Removal is basic as far as the main exe file by booting into safe mode to manually delete the file found under the user account sub folders once you have opened the file location. Here on one infected 7 laptop the protector-xfg.exe bug was first moved into a temp folder out from the user account while still being active prior to the reboot into safe mode.
With the VIPRE AV Home Premium version of that software installed and having removed several trojans already the fake SE still continued to indicate they were present risks. The obvious design of the malware was to point to already known about bugs in order to get people to buy the fake SE!
Unfortunately the laptop needed charging the first time it was looked at, and the follow-up scan by VIPRE however revealed the quarantined and then removed trojans as well as the fake SE, seen as the last item in the scan results here.
The fake SE has a dark, almost black background, with the look of any more recent software, an Aero-style appearance, and yellow and red coloring for text. That's quite a bit different in appearance from the 2010 version of a fake MS SE seen in the link above.