Rogue Anti Virus products

Here is a video blog about Rogue Anti Virus products.

Melih

Nice video, Melih. Those rogue antiviruses aren’t fun. Sadly, some people don’t know enough to differentiate a real antivirus from a rogue one. As a solution, perhaps include Computer Security as a subject in school? :wink:

Sure, it wouldn’t hurt to do that.
I also believe we as the Security Industry must do more to differentiate what is legitimate from what is not.

thanks
Melih

Nice one Melih.

I came across the same problem once [a web site that automatically scanned my system, did not allow me to close the page, and kept asking lots and lots of questions or offering ways to download the s/w].

Finally I end-tasked my browser process :frowning:

One unofficial and not always accurate way to see if it is legit or not is the look; I know SuperAntiSpyware IS legit, and it looks like a scam.

bestfreepcsoftware

www.bestfreepcsoftware.webs.com

There is an industry effort in place http://www.ccssforum.org/ . The industry is now getting together to solve these issues.

Melih

That is very good to know. But still, I brought the issue up with SAS (SuperAntiSpyware) and they claim it is only the features that are important, not the looks. That is true, but it still can’t look like malware.

bestfreepcsoftware

www.bestfreepcsoftware.webs.com

All the new rogue software usually looks good nowadays, so I don’t think you can say anything looks like rogue software any more. But if we went some years back I would agree :slight_smile:

Yeah, most have a really nice GUI and look really promising. For some people it’s just hard to see which one is real and which one is not. I even saw people that thought that ‘RealAntivirus’ was a good AV lol^^

One of the best-looking GUIs I have seen was a rogue AV :stuck_out_tongue:

I’m not saying the rogues look bad, I’m saying that when something looks too good or too bad, it’s usually rogue, but for SAS it’s not, but it looks horrible. The interface looks like it’s from 1998.

I like the SAS interface.

I think it’s better than Avira, Avast, AVG, Kaspersky, NOD32, MBAM and a lot of others I’ve seen :slight_smile:

Nice heads-up, Melih.

It really pays to be a discerning Netizen and have a wee bit of Branded AV products, else it sure bodes to end as a catastrophe.

Kind regards,
Srikanth

Comodo did not detect the recycler virus, which has to be removed with autoruneater.

There will ALWAYS be viruses that ALL AV products will miss regularly. That is why we need Prevention as our first line of defense and not detection as it is today.

Melih

Hi deecrepit,

The topic here is “Rogue Antivirus”. The infection you are referring to is different as far as I know, but in any case it fits perfectly with what Melih mentioned - Prevention, which is correct.

One of the preventive measures regarding such types of infection is disabling Autoruns completely throughout the system. All devices… USBs included. That is a must-have layer of protection in addition to any other layers installed.

There are very good and detailed instructions on how to disable Autoruns completely.
Recently MS fixed some bugs in that area too. There was a security patch a month or so ago.

In addition there is a Tool for immunizing flash sticks pen-drives & so on (flash disinfector). The prevention measure again.

The “convenience” of having auto-execution from devices has to be forgotten.

But what is interesting in this context - you did not mention what part of CIS you think missed that. I may be wrong, but you should have the Alert from Defense+ in the first place.

Or are you saying that there were no Defense+ Alerts?

*** Added: the discussion about that should probably be placed in a separate thread. Moderators will decide.

My regards
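
A way to check the "disable Autoruns for all devices" measure described in the post above, as an added example that is not part of the original thread. It assumes the standard Windows `NoDriveTypeAutoRun` policy value stored as a REG_DWORD; the helper name `Get-AutoRunExposure` is made up for illustration.

```powershell
# Added example: audit which drive types can still AutoRun on this machine.
# NoDriveTypeAutoRun is a bitmask; a SET bit DISABLES AutoRun for that drive type.
$DriveTypeBits = [ordered]@{
    'Unknown type'      = 0x01
    'No root directory' = 0x02
    'Removable (USB)'   = 0x04
    'Fixed disk'        = 0x08
    'Network drive'     = 0x10
    'CD/DVD'            = 0x20
    'RAM disk'          = 0x40
    'Reserved/future'   = 0x80
}

# Hypothetical helper: decode a mask into one row per drive type.
function Get-AutoRunExposure {
    param([Parameter(Mandatory)][int]$Mask)
    foreach ($name in $DriveTypeBits.Keys) {
        [pscustomobject]@{
            DriveType = $name
            AutoRun   = $(if ($Mask -band $DriveTypeBits[$name]) { 'Disabled' } else { 'ENABLED' })
        }
    }
}

$key = 'SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Explorer'

# The machine-wide (HKLM) value takes precedence over the per-user (HKCU) one.
foreach ($hive in 'HKLM', 'HKCU') {
    $path  = "${hive}:\$key"
    $entry = Get-ItemProperty -Path $path -Name NoDriveTypeAutoRun -ErrorAction SilentlyContinue
    if ($null -eq $entry) {
        "${hive}: NoDriveTypeAutoRun is not set, so the Windows default applies"
        continue
    }
    $mask = [int]$entry.NoDriveTypeAutoRun   # assumes REG_DWORD
    "{0}: NoDriveTypeAutoRun = 0x{1:X2}" -f $hive, $mask
    Get-AutoRunExposure -Mask $mask | Format-Table -AutoSize
    if (($mask -band 0xFF) -ne 0xFF) {
        "${hive}: AutoRun is still allowed for at least one drive type"
    }
}

# Remediation, run from an elevated prompt (creates the key if it is missing):
# New-Item -Path "HKLM:\$key" -Force | Out-Null
# Set-ItemProperty -Path "HKLM:\$key" -Name NoDriveTypeAutoRun -Type DWord -Value 0xFF
```

A value of `0xFF` disables AutoRun for every drive type; any row reported as `ENABLED` is a device class that can still auto-execute content.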

The Common Computing Security Standards (CCSS) forum now has a feature that can help the user identify rogueware.

SEE: http://www.ccssforum.org/trusted-vendors.php

And ZDNet just wrote a nice article…

The Ultimate Guide to Scareware Protection
http://blogs.zdnet.com/security/?p=4297

And here’s a gallery of scareware-related screenshots…

http://news.zdnet.com/2346-12691_22-342083.html

Pretty interesting.

I was so lucky :-TD being infected by scareware 3 yrs ago. It popped up on my screen saying that I had around 300 infected files and that I needed to download a program to remove these threats. I was not so experienced with computers at that time, so I downloaded and paid 29.99$ for a program to help me.

He he. Luckily I did not lose more than those 29.99. And after searching the internet I used MBAM and SAS to get my computer clean.

When you have an infection like that it is scary and you get fooled.

I was using the Comodo trial version; recently I got a key for Comodo Internet Security Complete 2010.
When I was surfing the net I faced 5 rogue viruses, and they ran completely on my PC, and Comodo didn’t detect any of the rogue viruses. The file downloaded by this rogue is there on my PC; I scanned the file by right click and it didn’t detect the rogue virus. Then I scanned again with the sandbox, and a pop-up came up showing that it accesses your shell and giving me the option to terminate or allow this.
The point is Comodo has a 42 lakh antimalware database and it didn’t detect the rogue virus.
And again I got infected with this virus, and it is so powerful that it deleted all my files automatically. I had locked my files in Folder Lock and these files were also deleted. When I restarted my PC, Windows was corrupted and I had to install Windows again.
Can anyone tell me whether Comodo is powerful, or do I have to switch to another antivirus to protect my PC?