For all those who don’t think IE8 is a secure browser.
I was trying to download a torrent at IsoHunt and I got the beginnings of what I’m sure was a rogue anti-malware app. It started with the usual “Your computer might be infected,scan now” come on. The installation was stopped, not by CIS, but by IE8 which shut down the browser tab for what it said were security reasons. Now that’s what a browser should do. I have no addons to IE8 other than a couple of accelerators and Web Slices. CIS gave no popups even though a scan was started by the app in question.
You’re probably right but my point is that IE8 recognized it as a malicious attempt and shut down the page. The Smart Screen Filter built into it is pretty good. After the fake scan that would have “found” numerous “infections”, there certainly would have been an attempt to make me download the rogue app. IE never let it get even that far.
Basically there are two sorts of rogue anti malware programs. The first group heavily relies on dirty techniques like drive by downloads that get easily detected as suspicious. The second group does not use suspect techniques but delivers a fake or sub mediocre product in an attempt to separate people from their money.
The second group may not get seriously flagged by D+ and when it is not in the av database it will pass.