DLS 101 - How to spot a fake Windows antivirus program

Unlike Avast, AVG, Kaspersky, Norton, or any of the other real antivirus options out there, a rogue antivirus program will do nothing to protect you. Rather, it's going to try to deceive you into paying for a full version or removal tool. It may even open a backdoor to your system and start downloading other annoying, nasty programs.
How do these programs get on people's computers in the first place? Usually through deceptive pop-ups on the web. Often these "alerts" will try to trick you into thinking:
- porn and illegal files have been found on your computer
- a scan has found virus and malware infections on your system
- your system is totally unprotected
Here are some things to look for:
- cheesy names - never mind the old adage, with these programs you usually CAN judge the book by its cover. Rogue antivirus programs typically use names like Antivirus 360, WinAntivirus 2009, Spyware Police, SpywareProtect, etc.
Wikipedia has a huge list of known fake programs. It also helps to get familiar with big-name, legitimate software (like these free antivirus programs for Windows).
Remind yourself that if you don't recognize the name, don't click.
- alerts that just don't belong - Windows will tell you if you're not running antivirus software or the definitions are out of date, but it won't tell you that an infection has been found. Windows Defender will pop up alerts, but not Windows itself or the Windows Security Center. Alerts that claim Windows has found infected files are pulling your leg.
- poor grammar - Windows has its weak points, but real system messages are usually very well written and clear. Alerts from rogue apps don't have the same attention to detail.
- bogus scanning - lots of these apps pretend to scan your system and find all kinds of infected files. Watch what folders and files are being scanned and see if they match the infected files being found.
If the scan is going through c:\windows\ and infected items in folders like c:\temp or c:\documents and settings\ are popping up, it's bogus. Real virus scanners will display infected items as soon as they find them in the folder that's currently being scanned - not random stuff from who knows where.
- your wallpaper has been changed and the image says something about being infected
- every time you reboot a scan window pops up
- whenever the scan completes, you're asked to register or pay in order to remove the infections
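One way to see which antivirus products Windows itself has on record, so that an alert naming anything else stands out (an added example, not part of the original article; it assumes a client edition of Windows with PowerShell 3.0 or later, and the Authenticode signer check is an addition the article does not mention):

```powershell
# Added example. Assumes a client edition of Windows; the
# root/SecurityCenter2 WMI namespace does not exist on Windows Server.
$products = Get-CimInstance -Namespace 'root/SecurityCenter2' `
                            -ClassName 'AntiVirusProduct' -ErrorAction Stop

$report = foreach ($p in $products) {
    $exe    = $null
    $status = 'NoExecutableOnDisk'
    $signer = $null

    if ($p.pathToSignedProductExe) {
        # The registered path may hold environment variables or quotes.
        $exe = [Environment]::ExpandEnvironmentVariables($p.pathToSignedProductExe).Trim('"')

        # File.Exists returns $false (no exception) for URIs and bad paths.
        if ([System.IO.File]::Exists($exe)) {
            $sig    = Get-AuthenticodeSignature -LiteralPath $exe
            $status = [string]$sig.Status   # Valid, NotSigned, HashMismatch, ...
            if ($sig.SignerCertificate) {
                $signer = $sig.SignerCertificate.Subject
            }
        }
    }

    [pscustomobject]@{
        Name            = $p.displayName
        Executable      = $exe
        SignatureStatus = $status
        Signer          = $signer
    }
}

# Anything you do not recognise, or whose signature is not 'Valid',
# deserves a closer look before you trust its alerts.
$report | Sort-Object Name | Format-List
```

The list only shows products that have registered themselves with Security Center, so a pop-up naming a product that is not on it did not come from your installed antivirus.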













Comments
LOUIS WEINBERG Aug 9th 2009 10:50PM
Funny, but a browser called AOL throws these AV programs at me all the time, like System Mechanic and others. Gee, they must all be fake and AOL can't keep up with them!
gas_go_tech Aug 9th 2009 10:55PM
For what it's worth to those of you who are less experienced users. I'm no pro but I know enough to generally stay out of trouble. These fake programs are deceptive and a problem. Part of the problem with them is that they don't allow a user to safely close out of them. They just keep reopening a smaller window until you click on them. You cannot even shut the main window down. My advice to you all is to learn how to use your task manager to safely close out of those programs; it is the only safe way I have found to get out of them. Ironically enough I am fighting one of these programs as we speak because my son innocently clicked on one of those fake ads. It is a real pain in the butt removing these things once they get in there too. An easy way to pull up task manager is by hitting control+alt+delete.
wolfyou5 Aug 9th 2009 11:55PM
Every time I've set up AOL its own spyware comes up with a Trojan, what's the deal with that?
laiconna Aug 15th 2009 4:32PM
When that happened to me. I was so frustrated that I almost clicked to download it because it was popping up so much that I couldn't navigate. But I remembered to use the malicious software removal tool and stopped it.
http://www.galleryshops.biz/microsoftstore.htm
Torin :P Aug 10th 2009 1:14AM
To gas_go_tech, I've found that just closing the window altogether is easier than opening the task manager, as I run Vista, and it's annoying to have to choose to open the task manager. To do so I use the ever so obnoxious Alt+F4 combo. For those unfamiliar with it, it automatically closes the highlighted window. Although the task manager is great, on Vista it's too hard to get to.
rpape9141 Aug 10th 2009 3:29AM
I had a spate of attacks a few months back, I ended up wiping the hard drive and reloading XP and all of the other little programs I use. I also started a file of photographs of various screens, this has to be done with a camera. I was hoping to be able to trace the perpetrators, which I did, at least to some degree; they all led back to towns in USA (and not Russia as I was expecting). I think that in law it could be described as coercion or extortion and it is being aided and abetted by the merchant banks who provide cash handling service. It might be worth pursuing as a legal issue.
chris Aug 10th 2009 5:24AM
Just went through this crap. Called itself windows systems suite.
Infected me big time, before I knew what was happening. Had a little red brick wall like Defender's gray wall, claimed to be from Windows, but I got suspicious when it sent me to a buy page. BEWARE OF LITTLE RED BRICK WALLS......
David Aug 10th 2009 5:27AM
Wow no real techs here.....these anti-virus programs are just scripts running in the browser or loaded into memory....the easy way to get free of them is to go into control panel, then user accounts, click the button to create a new account.....it will pop up a message saying...."there is a script running on this page do you wish to continue running it"......click no.....poof it's gone....cancel the new account....that will be 65 bucks from each of these posters please.....0z