Windows Basic Antivirus
Windows Basic Antivirus is a fake anti-virus program that will often enter a computer system without the computer user's authorization. This fake security tool is a bad copy of Microsoft Security Essentials and uses the name 'Windows Advanced Security Center' in its main window. Despite its claims, Windows Basic Antivirus has absolutely no way of fixing security problems on a computer system and is actually part of an online scam itself. Windows Basic Antivirus is part of a large family of fake security programs which malware analysts classify as the FakeVimes family. Malware like Windows Basic Antivirus will usually enter a computer system through force or deception, claim that the computer system is hosting a severe malware infection that can only be solved with Windows Basic Antivirus, and then refuse to remove this nonexistent threat until the victim purchases a 'full version' of Windows Basic Antivirus. Clearly, this scam's purpose to take advantage of novice computer users that may not be able to differentiate Windows Basic Antivirus from a real anti-virus program.
Some examples of Windows Basic Antivirus' clones include Virus Melt, Presto TuneUp, Fast Antivirus 2009, Extra Antivirus, Windows Security Suite, Smart Virus Eliminator, Packed.Generic.245, Volcano Security Suite, Windows Enterprise Suite, Enterprise Suite, Additional Guard, PC Live Guard, Live PC Care, Live Enterprise Suite, Security Antivirus, My Security Wall, CleanUp Antivirus, Smart Security, Windows Protection Suite, Windows Work Catalyst.
Common Ways of Becoming Infected with Windows Basic Antivirus
Windows Basic Antivirus will usually be associated with a Trojan dropper like Vundo or Zlob. These kinds of Trojans tend to be found bundled along with pirated movies, distributed as fake video codecs, or included as attachments in various spam email messages. However, 2012 has seen a rise of Windows Basic Antivirus infections acquired mainly through attack websites and malicious online malware scans. Basically, criminals attempt to take advantage of known vulnerabilities in various applications, attacking their victim through advertisements claiming to provide a free malware scan. These fake online malware scans will do two things. First of all, they will try to inject a Trojan into the victim's computer while the fake scan is running. Then, after the scan has finished running they will also claim that a malware infection is present and offers to install Windows Basic Antivirus as a way of removing this nonexistent threat. Once installed, Windows Basic Antivirus makes changes to the Windows Registry that allow Windows Basic Antivirus to start up automatically and to prevent its victims from accessing functions like the Task Manager, System Restore or many security applications.
