14 DAY TRIAL // Windows Antivirus Pro, also known as Windows Police Pro or ASC Antivirus, is the latest piece of rogue antivirus products that Microsoft has started tackling with its free Malicious Software Removal Tool security solution. Identified as TrojanDownloader:Win32/FakeScanti, the malicious code is an example of a fake antivirus, an application masquerading as a security solution. Just as other rogue antivirus programs, FakeScanti turns to a range of social engineering tricks in order to fool victims into paying for a license for a piece of software with no real functionality.
“We first saw a variant of Win32/FakeScanti back in early March of this year, when it went by the name of ASC Antivirus. There was then very little activity on the FakeScanti front until late July, when we noticed a file, which we detect as TrojanDownloader:Win32/FakeScanti, downloading a new version of the scanner going by the name of Windows Antivirus Pro. This version was proactively detected by the signatures added in March. Since then there has been a steady stream of new files, but only one name change, to Windows Police Pro,” revealed David Wood from the Microsoft Malware Protection Center.
At the bottom of this article you will be able to find a download link to the latest version of the Microsoft Malicious Software Removal Tool. The security solution from the Redmond company is offered as a free download, and is designed to tackle a specific list of malware.
“FakeScanti has your usual grab bag of popups, system tray balloons, and dialog boxes (and there are many examples of these in our Win32/FakeScanti description) all reporting malicious activity, and recommending that the reported threats be removed. Of course, if you want this to happen, then naturally you have to pay,” Wood noted.
There is a wide array of tricks deployed by FakeScanti in order to convince end users to cough up the money for a license. Insistent and pervasive popup and incessant notifications of inexistent infections are just part of FakeScanti’s arsenal. The rogue antivirus also blocks applications and website access and even reboots the system periodically.
Microsoft Malicious Software Removal Tool is available for download here.
