NEW BLOG POST: Windows Defender AV’s behavior monitoring coupled with cloud-powered machine learning models uncovered and blocked a massive Dofoil (Smoke Loader) coin mining campaign. Read the post
Aliases: Trojan:Win32/FakeXPA (Microsoft) XP Antivirus (other)
Reports of Rogue Antivirus programs have been more prevalent as of late. These are programs that generate misleading alerts and false detections in order to convince users to purchase illegitimate security software. Some of these programs, such as Trojan:Win32/Antivirusxp and Program:Win32/FakeRednefed may display product names or logos in an apparently unlawful attempt to impersonate Microsoft products. These products may represent themselves as “Antivirus XP”, “AntivirusXP 2008”, “WinDefender 2008”, “XP Antivirus”, or similar.