14 DAY TRIAL // Back in the past, we saw a huge number of rogue anti-spyware technology which did nothing than to misinform users and trick them into buying unneeded security solutions. Today, a similar scam has been reported by security company Panda Software but, in comparison with the previous attacks, this one relies on a Windows function closely related to security. The Adware/XP-Shield poses as a Windows security center which usually informs you about the status of the security applications on the Windows workstations.
However, this piece of malware misinforms users that their computers are infected and, just like many other rogue anti-spyware products, it asks them to buy a certain security product. Only that buying the product does nothing to the computer because all the attackers want is to actually steal your money.
Once installed on the computer, the malware displays pop-up windows every once in a while, notifying users about the existence of an infection. If the user chooses to continue "unprotected", the application stays in the background and minimizes the window to System Tray.
"It is possible that while we are visiting different websites, several popups are displayed informing us that our system is infected or that our computer is not working properly and in order to solve these problems they recommend us to purchase a certain program. Be careful with this type of software, which will not really solve the problem and will make you lose money," it is mentioned in the Panda Software security advisory.
The malware can be easily identified by the name of the executable files, XPShieldSetup.exe, and by the fact that it drops a shortcut on the Desktop and in the Start menu. The infection only affected the Windows machines, including here Windows 2003, Windows XP, Windows 2000, Windows NT, Windows ME and Windows 98.