Fake AV programs still causing chaos

Written by Phil Taylor on Friday, 06 May 2011. Posted in Technical Articles

Since the first Fake Antivirus/Anti Spyware program appeared on the Internet in 2006, they are showing no signs of slowing-down. In fact according to the Sophos Threat Centre FakeAV style messages still account for over 50% of all email threats but why is this so?

Like many things today, it all boils down to money. By forcing unwitting users to register for their "fake" software, these people are making very large sums of money and while people continue to pay, this type of software will unfortunately continue to exist

The creators of these programs rely ofakeavwebattack-desktop-security2010n a users fear. If most users get a popup message telling them that their computer is infected with a Virus or Malware, they will probably believe what they are being told and install the software that is offered.

Once installed, the software will constantly popup messages informing the user that their PC is infected and to remove the infection they must pay a fee to "activate" the software. Unfortunately the software is itself a form of virus. Any attempts to install or run other (genuine) anti-virus/spyware software will be blocked by the FakeAV program leading many users to believe that they have no choice but to pay the fee.

The picture on the left is of a typical "Fake AV" program.


Shine Systems have come across many machines that are infected with various types of FakeAV and we have successfully removed the software in EVERY case, restoring the computer to normal operation. Obviously when it comes to viruses/malware, prevention is better than cure and ensuring that your PC is adequately protected by a genuine Anti-Virus solution should always be high on the list of priorities for any computer user.

If you are infected with one of these Fake AV programs, the one thing that you MUST NOT do is "register" the software. The software is usually only one part of the picture. The other side is a (often professional looking) website where you enter your credit card details. From this point on, they have your card details and you should expect to see transactions appearing on your statement that you don't recognise.

Mac OS X Users cannot afford to ignore this threat either. The days when Apple computers were considered invulnerable to virus attacks are long gone and many viruses have been created which specifically target macs., over the last few days, a new variant Fake AV which is designed to look like a genuine Mac OS X application has surfaced. This program, called MAC Defender (not to be confused with the genuine MacDefender program, tricks users into thinking they are infected in the same way as the various Windows variants and then tries to force users to register the software at a cost of between $59 and $79 dollars!

If you are concerned about your Anti-Virus protection and would like to speak to one of our specialists, give Shine Systems a call on 0116 223 0033 or email This email address is being protected from spambots. You need JavaScript enabled to view it..

Social Bookmarks

About the Author

Phil Taylor

Phil Taylor is the Technical Director of shine Systems. Since completing an Electronic Apprenticeship at Racal in 1991, Phil has specialised in the design and installation of all types of networked computer systems.

Leave a comment

Please login to leave a comment. Optional login below.