Ultima Weapon
28.11.2007, 22:47
Rogue security software is software that uses malware (malicious software) or malicious tools to advertise or install itself or to force computer users to pay for removal of nonexistent spyware. Rogue software will often install a trojan horse to download a trial version, or it will do other unwanted things. The first and still most comprehensive study of rogue and real antispyware programs
Effects
The main goal of rogue software makers is to sell their product. Many times fake Windows dialog boxes will appear. Most of the time, they will display a message such as "WARNING! Your computer is infected with spyware! Buy [product name] to remove it!" Usually, when the dialog box's OK button is clicked, this will direct the user to the software's website. Sometimes, even clicking the upper right hand X button to close the dialog box will produce the same effect or activate the software's installation. (Pressing Alt+F4 can circumvent that trick). Some software, like SpyAxe will automatically download the trial version without any user action (drive-by installation).
False Positives
A variant of the above technique that rogue security software makers use is that of false positives. A false positive is a fake or false malware detection in a computer scan. This can convince even advanced users that their computer is infected who may not be deceived by the abovementioned similar claims without a scan. This is quite different from an accidental false positive, which can be produced in a scan by security software from honest companies.
Detection
Almost all reputable antispyware software will detect rogue software if it is installed on the scanned computer. Often, non-reputable rogue antispyware software will install a Trojan horse to download the software from the maker's website, like Titan Shield[2]. Reputable antispyware software can detect the Trojan even before the software is installed. Programs such as Ad-Aware SE, AVG Anti-Virus, Counterspy, RogueRemover, Spybot - Search & Destroy, Spy Sweeper, Spyware Doctor, SUPERAntiSpyware, prevX and Windows Defender can usually detect these. However, often removal of new, aggressive rogue programs requires use of programs such as HijackThis combined with manual removal processes because it can take quite a while before the manufacturers of the abovementioned legitimate programs learn how to automate the process and update their programs. Use of HijackThis without specialist help can cripple a computer, and users are advised to get help from the many voluntary specialists in many forums such as Spyware Warrior, Safer Networking, and many others.
Rugue & suspect antispyware applications list:
Check out the provided links to see which products are marked as a rogue/suspect.
This links are regulary updated and very trusted,so check 'em out from time to time.
- Spyware Warrior Rogue security software is software that uses malware (malicious software) or malicious tools to advertise or install itself or to force computer users to pay for removal of nonexistent spyware. Rogue software will often install a trojan horse to download a trial version, or it will do other unwanted things. The first and still most comprehensive study of rogue and real antispyware programs
Effects
The main goal of rogue software makers is to sell their product. Many times fake Windows dialog boxes will appear. Most of the time, they will display a message such as "WARNING! Your computer is infected with spyware! Buy [product name] to remove it!" Usually, when the dialog box's OK button is clicked, this will direct the user to the software's website. Sometimes, even clicking the upper right hand X button to close the dialog box will produce the same effect or activate the software's installation. (Pressing Alt+F4 can circumvent that trick). Some software, like SpyAxe will automatically download the trial version without any user action (drive-by installation).
False Positives
A variant of the above technique that rogue security software makers use is that of false positives. A false positive is a fake or false malware detection in a computer scan. This can convince even advanced users that their computer is infected who may not be deceived by the abovementioned similar claims without a scan. This is quite different from an accidental false positive, which can be produced in a scan by security software from honest companies.
Detection
Almost all reputable antispyware software will detect rogue software if it is installed on the scanned computer. Often, non-reputable rogue antispyware software will install a Trojan horse to download the software from the maker's website, like Titan Shield[2]. Reputable antispyware software can detect the Trojan even before the software is installed. Programs such as Ad-Aware SE, AVG Anti-Virus, Counterspy, RogueRemover, Spybot - Search & Destroy, Spy Sweeper, Spyware Doctor, SUPERAntiSpyware, prevX and Windows Defender can usually detect these. However, often removal of new, aggressive rogue programs requires use of programs such as HijackThis combined with manual removal processes because it can take quite a while before the manufacturers of the abovementioned legitimate programs learn how to automate the process and update their programs. Use of HijackThis without specialist help can cripple a computer, and users are advised to get help from the many voluntary specialists in many forums such as Spyware Warrior, Safer Networking, and many others.
Rugue & suspect antispyware applications list:
Check out the provided links to see which products are marked as a rogue/suspect.
This links are regulary updated and very trusted,so check 'em out from time to time.
Rogue & suspect antispyware web sites list:
- Spyware Warrior http://www.spywarewarrior.com/rogue_anti-spyware.htm
- Wikipedia http://en.wikipedia.org/wiki/Rogue_software
- Malwarebytes http://www.malwarebytes.org/database.php
- zdnet http://blogs.zdnet.com/Spyware/?p=727
Rogue & suspect antispyware web sites list:
- Spyware Warrior http://www.spywarewarrior.com/rogue_anti-spyware.htm
Effects
The main goal of rogue software makers is to sell their product. Many times fake Windows dialog boxes will appear. Most of the time, they will display a message such as "WARNING! Your computer is infected with spyware! Buy [product name] to remove it!" Usually, when the dialog box's OK button is clicked, this will direct the user to the software's website. Sometimes, even clicking the upper right hand X button to close the dialog box will produce the same effect or activate the software's installation. (Pressing Alt+F4 can circumvent that trick). Some software, like SpyAxe will automatically download the trial version without any user action (drive-by installation).
False Positives
A variant of the above technique that rogue security software makers use is that of false positives. A false positive is a fake or false malware detection in a computer scan. This can convince even advanced users that their computer is infected who may not be deceived by the abovementioned similar claims without a scan. This is quite different from an accidental false positive, which can be produced in a scan by security software from honest companies.
Detection
Almost all reputable antispyware software will detect rogue software if it is installed on the scanned computer. Often, non-reputable rogue antispyware software will install a Trojan horse to download the software from the maker's website, like Titan Shield[2]. Reputable antispyware software can detect the Trojan even before the software is installed. Programs such as Ad-Aware SE, AVG Anti-Virus, Counterspy, RogueRemover, Spybot - Search & Destroy, Spy Sweeper, Spyware Doctor, SUPERAntiSpyware, prevX and Windows Defender can usually detect these. However, often removal of new, aggressive rogue programs requires use of programs such as HijackThis combined with manual removal processes because it can take quite a while before the manufacturers of the abovementioned legitimate programs learn how to automate the process and update their programs. Use of HijackThis without specialist help can cripple a computer, and users are advised to get help from the many voluntary specialists in many forums such as Spyware Warrior, Safer Networking, and many others.
Rugue & suspect antispyware applications list:
Check out the provided links to see which products are marked as a rogue/suspect.
This links are regulary updated and very trusted,so check 'em out from time to time.
- Spyware Warrior Rogue security software is software that uses malware (malicious software) or malicious tools to advertise or install itself or to force computer users to pay for removal of nonexistent spyware. Rogue software will often install a trojan horse to download a trial version, or it will do other unwanted things. The first and still most comprehensive study of rogue and real antispyware programs
Effects
The main goal of rogue software makers is to sell their product. Many times fake Windows dialog boxes will appear. Most of the time, they will display a message such as "WARNING! Your computer is infected with spyware! Buy [product name] to remove it!" Usually, when the dialog box's OK button is clicked, this will direct the user to the software's website. Sometimes, even clicking the upper right hand X button to close the dialog box will produce the same effect or activate the software's installation. (Pressing Alt+F4 can circumvent that trick). Some software, like SpyAxe will automatically download the trial version without any user action (drive-by installation).
False Positives
A variant of the above technique that rogue security software makers use is that of false positives. A false positive is a fake or false malware detection in a computer scan. This can convince even advanced users that their computer is infected who may not be deceived by the abovementioned similar claims without a scan. This is quite different from an accidental false positive, which can be produced in a scan by security software from honest companies.
Detection
Almost all reputable antispyware software will detect rogue software if it is installed on the scanned computer. Often, non-reputable rogue antispyware software will install a Trojan horse to download the software from the maker's website, like Titan Shield[2]. Reputable antispyware software can detect the Trojan even before the software is installed. Programs such as Ad-Aware SE, AVG Anti-Virus, Counterspy, RogueRemover, Spybot - Search & Destroy, Spy Sweeper, Spyware Doctor, SUPERAntiSpyware, prevX and Windows Defender can usually detect these. However, often removal of new, aggressive rogue programs requires use of programs such as HijackThis combined with manual removal processes because it can take quite a while before the manufacturers of the abovementioned legitimate programs learn how to automate the process and update their programs. Use of HijackThis without specialist help can cripple a computer, and users are advised to get help from the many voluntary specialists in many forums such as Spyware Warrior, Safer Networking, and many others.
Rugue & suspect antispyware applications list:
Check out the provided links to see which products are marked as a rogue/suspect.
This links are regulary updated and very trusted,so check 'em out from time to time.
Rogue & suspect antispyware web sites list:
- Spyware Warrior http://www.spywarewarrior.com/rogue_anti-spyware.htm
- Wikipedia http://en.wikipedia.org/wiki/Rogue_software
- Malwarebytes http://www.malwarebytes.org/database.php
- zdnet http://blogs.zdnet.com/Spyware/?p=727
Rogue & suspect antispyware web sites list:
- Spyware Warrior http://www.spywarewarrior.com/rogue_anti-spyware.htm