- Image by degra™ via Flickr
In the past couple of years, I’ve noticed a surge in Scareware. A Scareware is a program that displays bogus virus detection messages, locking up the system, and duping the end user to go to a website to purchase a “magic” remedy that will remove all the viruses on your computer.
I had to come over to a client once, and was surprised to find the system supposedly filled with viruses. The desktop background was removed, and the system refused to behave properly. A popup kept reminding me to go to a website to purchase some kind of antivirus that will remove the infections. Something didn’t feel right the moment I saw that. There was a branded antivirus already installed, and I was wondering why it didn’t detect approximately 1034 malware?
Lo and behold, it was a bogus antivirus that had installed itself, called XP Antivirus. I spent about an hour there, half of which I had to spend cleaning up the registry by hand, because the branded antivirus didn’t detect the scareware. It was an expensive bill, because there was a lot of menial work involved to remove the nasty scareware. The client would have been better off had he installed a real antivirus like Avast.
There are literally hundreds of scareware programs, many of which are simply clones or modifications of earlier programs. Here’s a small sampling:
- AntiVirus 2008, 2009 and 2010: Three versions of the same scareware tool. The 2010 version comes with its own bogus Blue Screen of Death.
- AntiVirus Plasma: Once installed hogs memory and processing.
- AntiVirus Plus: Scareware that can use Microsoft Security Center alerts.
- Antispy 2008: Fairly amateur scareware app.
- AntispywareXP 2009: Slows down your PC and displays fake warnings and fake scan results.
- AntiVirus Sentry: Fake alerts trick users into downloading the software. This has also been known to download without permission; it then prompts you to buy the software to remove malware.
- Content Eraser: Fake privacy application.
- PCVirusless: Lures users in with Web ads.
- Personal Defender 2000: Fake anti-spyware application that uses a fake Firewall Security Alert to trick users into doing a fake scan. The results always show infections, and the program then tries to get you to buy the software.
- ProAntispyware 2009: Scareware often advertised on Web sites.
- RapidAntiVirus: Once installed, this can identify legitimate files as malware and harm your PC if deleted.
- Real AntiVirus: Like other scareware software, this one runs scans that show malware that doesn’t exist and prompts you to buy anti-virus software.
- SpyProtector: Often shows users fake taskbar alerts.
- Security 2009: Similar to SpyProtector, this is often advertised on the Web.
- WinDefender 2009: Trojan horses can display bogus alerts and prompt you to download the WinDefender 2009 software. If you load WinDefender it will always find malware, even if it’s only the malware that it installed itself. The program then tricks you into buying the full WinDefender package.
- XP Antispyware 2009: The same essential program as AntispywareXP 2009.
Definitions are based on work done by Bleeping Computer LLC.
Related articles by Zemanta
- Why you need an Anti virus program (raunchyjohnson.com)
- How Do You Know Your PC Is Infected? (appscout.com)
![Reblog this post [with Zemanta]](http://img.zemanta.com/reblog_e.png?x-id=a2a35632-546c-44eb-bbe9-417cfad8c6dd)