Rogue security software is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware. Rogue security software, in recent years, has become a growing and serious security threat in desktop computing.
Propagation
Rogue security software mainly relies on social engineering in order to defeat the security built into modern operating system and browser software and install itself onto victims' computers.
Most have a Trojan horse component, to which users are misled into installing. The Trojan may be disguised as:
* A browser plug-in or extension
* An image, screensaver or archive file attached to an e-mail message
* Multimedia codec required to play a certain video clip
* Software shared on peer-to-peer networks
* A free online malware scanning service
Some rogue security software, however, propagate onto users computers as drive-by downloads which exploit security vulnerabilities in web browsers or e-mail clients to install themselves without any manual interaction.
Operation
Once installed, the rogue security software may then attempt to entice the user into purchasing a service or additional software by:
* Alerting the user with the fake or simulated detection of malware or pornography.
* Displaying an animation simulating a fake system crash and reboot.
* Selectively disabling parts of the system to prevent the user from uninstalling them. Some may also prevent anti-malware programs from running, disable automatic system software updates and block access to websites of anti-malware vendors.
* Installing actual malware onto the computer, then alerting the user after "detecting" them. This method is less common as the malware is likely to be detected by legitimate anti-malware programs.
Some rogue security software overlaps in function with scareware by also:
* Presenting offers to fix urgent performance problems or perform essential housekeeping on the computer.
* Scaring the user by presenting authentic-looking pop-up warnings and security alerts, which may mimic actual system notices. These are intended to leverage the trust of the user in vendors of legitimate security software.
Partial list of rogue security software
The following is a partial list of rogue security software, most of which can be grouped into families. These are functionally-identical versions of the same program repackaged as successive new products by the same vendor.
EVAN IF THEYR NAMES SOUNDS VERY TEMPTING, DO NOT INSTALL ANY OF THESE PRODUCTS!!!!
* Advanced Cleaner
* AlfaCleaner
* AntiSpyCheck 2.1
* AntiSpyStorm
* AntiSpyware 2009
* AntiSpywareExpert
* AntiSpywareMaster
* AntiSpywareSuite
* AntiSpyware Shield
* Antivermins
* Antivirgear
* Antivirus 2008
* Antivirus 2009
* Antivirus 2010 (also known as Anti-virus-1)
* Antivirus 360
* Antivirus Pro 2009
* AntiVirus Gold
* Antivirus Master
* Antivirus XP 2008
* Avatod Antispyware 8.0
* Awola
* Brave Sentry
* BestsellerAntivirus
* Cleanator
* ContraVirus
* Doctor Antivirus
* Doctor Antivirus 2008
* DriveCleaner
* EasySpywareCleaner
* Errorsafe
* GreenAV2009
* IE Antivirus (aka IE Antivirus 3.2)
* IEDefender
* InfeStop
* Internet Antivirus (aka Internet Antivirus Pro, distributed by plus4scan.com)[
* KVMSecure
* MacSweeper
* MalwareCrush
* MalwareCore
* MalwareAlarm
* Malware Bell (a.k.a. Malware Bell 3.2)
* Malware Defender (not to be confused with the HIPS firewall of the same name)
* MS Antivirus
* MS AntiSpyware 2009
* MaxAntiSpy
* Netcom3 Cleaner
* PCSecureSystem
* PC Antispy
* PC Clean Pro
* PC Privacy Cleaner
* PC SpeedScan Pro (distributed by FinallyFast.com, Rogueness is questionable)
* PestTrap
* PerfectCleaner
* Perfect Defender 2009
* PersonalAntiSpy Free
* PAL Spyware Remover
* PCPrivacy Tools
* PC Antispyware
* PSGuard
* Rapid AntiVirus
* Real AntiVirus
* Registry Great
* Safety Alerter 2006
* SaliarAR
* SecurePCCleaner
* Security Toolbar 7.1
* Smart Antivirus 2009
* SpyAxe
* Spy Away
* SpyCrush
* Spydawn
* SpyGuarder
* SpyHeal (a.k.a SpyHeals & VirusHeal)
* SpyMarshal
* Spylocked
* SpySheriff
* SpySpotter
* SpywareBot (Spybot - Search & Destroy knockoff)
* Spyware Cleaner
* SpywareGuard 2008
* Spyware Protect 2009
* Spyware Quake
* SpywareSheriff (often confused with SpySheriff)
* Spyware Stormer
* Spyware Striker Pro (distributed by FinallyFast.com)
* Spyware Protect 2009
* Super Ad Blocker
* SpywareStrike
* SpyRid
* SpyWiper
* System Antivirus 2008
* System Live Protect
* SystemDoctor
* System Security
* Total Secure 2009
* TrustedAntivirus
* TheSpyBot (Spybot - Search & Destroy knockoff)
* UltimateCleaner
* VirusHeat
* VirusIsolator
* Virus Locker
* VirusProtectPro
* VirusRemover2008
* VirusRemover2009
* VirusMelt
* VirusRanger
* Virus Response Lab 2009
* VirusTrigger
* Vista Antivirus 2008
* WinAntiVirus Pro 2006
* WinDefender (not to be confused with the legitimate Windows Defender)
* WinFixer
* WinHound
* WinSpywareProtect
* WinWeb Security 2008
* WorldAntiSpy
* XP Antivirus
* XP AntiSpyware 2009
* XP-Shield
* Zinaps AntiSpyware 2008
* Winpc Defender
* Spyware Protect 2009
* Winpc Antivirus
* Personal Antivirus
add a rep if u had a gain from this post
