Not long ago we've presented a series of fake Windows antivirus programs designed to fool users into purchasing shady pieces of software that allegedly cleaned up infections that didn’t exist in the first place. Experts warn that new versions of the phony AV applications are making the rounds.
Until now, the fake antiviruses were named Process Director, No-Risk Agent, AntiHazard Center, Health Keeper, Guardian Angel, Software Keeper, Problems Stopper, and No-Risk Center.
The newer variants found by GFI researchers work in the same way, but their names have changed to Windows Care Taker, Efficiency Reservoir, Process Accelerator, Stability Maximizer, Cleaning Tools, Component Protector, Antibreaking System, Foolproof Protector, Crucial Scanner, Protection Unit, or simply Windows Antivirus.
While their names may have changed, and continue to change almost daily, the way they function remains mostly the same.
Once on a computer, the rogue pieces of software will alert the user that a number of threats that urgently need to be addressed are found on the system.
In reality, there aren’t any Trojan Downloaders, Monitors, Spoofers, Trojan-DDoSs and Worms, but the well-designed window that apparently scans the PC may trick some users into believing that they exist.
In order to get rid of the infections, victims are requested to purchase a cleaner that can apparently make everything go away. However, the cleaning application is just as phony as the antivirus programs, so in reality, internauts end up paying for an inexistent service.
Fortunately, GFI provides removal tools for each of these malicious elements. However, in some scenarios, the scareware is designed to block the installation of legitimate security solutions to ensure a higher rate of success.
In this situation, victims can turn to special apps offered by security firms, such as the VIPRE Rescue Disk from GFI, which removes the threat before the operating system starts.