Rogue Security Software

These tips can be used for Windows XP and Vista -

Operating systems vary, if in doubt, check with your provider and/or technical support.

 

Perhaps the term Rogue Security Software is new to you, it is a form of computer malware that deceives or misleads users into paying for the fake or simulated removal of malware.  This lucrative and illegal business is rapidly growing. 

I have gleaned my information from both the Microsoft and Wikipedia Sites on the Net.  There is more detailed information available at both sites. 

http://en.wikipedia.org/wiki/Rogue_software   

http://www.microsoft.com/security/antivirus/rogue.aspx

Rogue security software mainly relies on social engineering (Social engineering is the act of manipulating people into performing actions or divulging confidential information.) Think of it like a ‘con game' where someone tries to part you and your money.  However, it additionally can defeat the security system built into your computer and access a victim's computers.

Many have a Trojan horse to mislead you.  Some are disguised as:

  • A browser plug-in or extension (typically toolbar)
  • An image, screensaver or file attached to an e-mail message
  • A Multimedia codec required to play a certain video clip
  • A free online malware scanning service

The last one on my list is one that is particularly popular it:

  • 1. Tells you that you are ‘infected' with something that sounds or is real.
  • 2. Says that they will fix the problem and it is ‘free.'
  • 3. You must download their software.
  • 4. You must run their software.
  • 5. You get back a number that is astronomical - like 863 (or more) errors found. The number may be so high that it, if accurate, would render more computers unusable.
  • 6. You must pay for the software (one way to make their money).
  • 7. You may even see it run and correct the ‘errors.'
  • 8. Your machine may run as before or may even decline.

 

Once installed, the rogue security software may then attempt to entice the user into purchasing a service or additional software by:

  • Alerting the user with the fake or simulated detection of problems
  • Displaying an animation simulating a system crash and reboot.
  • Selectively disabling parts of the system to prevent the user from uninstalling them.
  • Some may prevent anti-malware programs from running.
  • Disable automatic system software updates
  • And even block access to websites of anti-malware vendors.
  • Installing actual malware onto the computer, then alerting the user after "detecting" them. This method is less common as the malware is likely to be detected by legitimate anti-malware programs.

Rogue security software might also appear in the list of search results when you are searching for trustworthy antispyware software.

Rogue security software might also attempt to spoof the Microsoft security update process. Here's an example of rogue security software that's disguised as a Microsoft alert but that doesn't come from Microsoft.

 

Example of a warning from a rogue security program known as AntivirusXP.

For more information about this threat, including analysis, prevention and recovery, see the Trojan:Win32/Antivirusxp entry in the Microsoft Malware Protection Center encyclopedia.

Another common rogue security program is FakeSecSen:

 

Example of a warning rogue security program known as Fake SecSen.

For more information about this threat, including analysis, prevention and recovery, see the Program:Win32/FakeSecSen entry in the Microsoft Malware Protection Center encyclopedia.

Here is the legitimate Microsoft Windows Security Center:

 

Screenshot of legitimate Microsoft Windows Security Center.

To help protect yourself from rogue security software:

  • Install a firewall and keep it turned on.
  • Use automatic updating to keep your operating system and software up to date.
  • Install antivirus and antispyware software such as Microsoft Security Essentials and keep it updated. For links to other antivirus programs that work with Microsoft, see Microsoft Help and Support List of Antivirus Vendors.
  • If your antivirus software does not include antispyware software, you should install a separate antispyware program such as Windows Defender and keep it updated. (Windows Defender is available as a free download for Windows XP and is included in Windows Vista.)
  • Use caution when you click links in e-mail or on social networking Web sites.
  • Use a standard user account instead of an administrator account.
  • Familiarize yourself with common phishing scams.

If you think you might have rogue security software on your computer:

Scan your computer. Use your antivirus software or do a free scan with Windows Live safety scanner. The safety scanner checks for and removes viruses, eliminates junk on your hard drive, and improves your PC's performance.

Check your accounts. If you think you might have entered sensitive information, such as credit card numbers or passwords into a pop-up window or at a rogue security software site, you should monitor your associated accounts. For additional information, see What to do if you're a victim of fraud.

Call PC Safety. Microsoft provides free virus and spyware removal support to Windows customers who think they have an infected computer or have other PC Security questions.

Customers should call 1-866-PC Safety for phone support which is available 24 hours a day 7 days a week.

Customers can also visit http://safety.live.com/ for free online virus and spyware removal.

If you suspect that your computer is infected with rogue security software that is currently not detected with Microsoft security solutions, you can submit samples using the Microsoft Malware Protection Center submission form. For help with isolating undetected samples, call PC Safety.


In 2008, a hacker known as NeoN hacked into a database. Information revealed an affiliate earned $158,000 in a week.

These are a brief listing of the ones that sound so very real that anyone could be a client without knowing it:

  • Advanced Cleaner
  • Antivirus Pro 2010
  • Cleanator
  • Doctor Antivirus
  • MacSweeper
  • MS AntiSpyware 2009
  • PC Clean Pro
  • Personal Antivirus
  • PAL Spyware Remover
  • Security Toolbar 7.1 (Clever to say that 7.0 had been improved!!)
  • System Antivirus 2008
  • UltimateCleaner
  • TrustedAntivirus
  • TheSpyBot (Spybot - Search & Destroy knockoff)
  • WinDefender (not to be confused with the legitimate Windows Defender)

As previously noted, this is just a few of the many malware that is available.  I thought these names sounded so realistic.  You can see the larger list at the Wikipedia site.

As stated earlier in this blog, much of the information has been directly taken from Microsoft and/or Wikipedia.  I felt it was too important than to write my own version.  And, may I add, always purchase your software from a reliable source.  If in doubt, check your product vendor's site for more information. 

Comments (7) -

quiltsrus08 1/23/2010 9:03:19 AM

AS I DONT HAVE WINDOWS 7, I CANT GET THE FREE SECURITY SCAN.


quiltsrus08 1/23/2010 9:05:07 AM

WHAT ABOUT DRIVER DOCTOR?


A Nasty Program to stay away from.......


If Internet Security 2010 pops up, DON'T purchase!!!


Several college students got hit with this and foolishly paid $104 for it and then had to take their computers in to be repaired for another $100!  They have filed a dispute with their bank to see if they can get their money back, but if you have a VISA debit card, it it much harder to deal with than others. Each of these students were protected; the college insists on it or you don't get Internet service on campus.  A user doesn't have to be on a "less than desired" website for this to happen.  The site looks so authentic, it even fooled a communications major.  


Also, another thing to look for before hitting the "pay button" is composition, spelling and punctuation.  I found over ten errors right away; it was obvious they didn't have an educated person to proof it! You rarely find these mistakes on well intentioned web sites.


Thank you for your contribution as "The Computerist".  In people's efforts to do what they really enjoy, they don't realize there are those out there taking advantage of that passion!  


thecomputerist 1/23/2010 4:27:51 PM

Statement - I am unaware of a single place that has these 'rogues' listed.  You need to be certain of the vendor from whom you are buying.


I get a lot of my information from:  www.bleepingcomputer.com.  That free site, run by professionals who attempt to help others, is a little daunting to find your way around.  


I recommend that you may want to consider signing up for Bleeping and use the Search with the term "rogue" to keep up with the names that are known rogues.  I must  say that you can feel confident because I have been a member for over a year and find them to be as 'on top of things' as anyone out there.  


That being said, no one can keep up with a person who wants your money.  Those peoiple are interested only in filling their pockets are difficult to keep up with.  Many sites, including Microsoft, McAfee, Norton and many others spend lots of time and money to keep them at bay.


QUILTSRU - this is not predicated upon Windows 7.  Whatever your system, you can use the 'trusted sites.'  Microsoft is aggressive at this sort of things because they have so much to lose.  I personally don't know about "Driver Doctor."  You can check for the changing (rapidly) information by using your browser - say Google, and search for "Rogue Security Software."  I would only select the well known security sites as noted above.  I suspect they will have different lists and you need to purchase only from them.


Incidently, Mac, which has long been believed to be solid and not hackable, is now seeing some 'bad boys' showing up at their doors as well.  Nothing is sacred these days.


Thank you Maddierae!  When I found this out, I was at my keyboard writing immediately.  Thank you also goes to the people at AnnTheGran for allowing me to get the word out to those of us who enjoy embroidery.  We want to be safe.


Pat, The Computerist


The following tips can be used for both Windows XP and Vista. Operating systems vary, if in doubt, check


Well I am just reading this in Dec.,2014, after the crash of my computer!! And right when I need to get Xmas presents done. Was hoping to find some advice on which Laptop, with what processor,graphics,etc. is best for doing machine embroidery,quilting,downloading designs, wi-Fi, etc?  Also which programs are best for cataloging,re-sizing,monogram ing,lettering and converting???  It looks like new machines will be wi-Fi. so if I need to get all new stuff what should it be?

also need advice regarding cutting machines. I got an Accuquilt, but haven't used it yet. Those dies are really expensive. I also got a simplicity deluxe rotary cutter for cutting strips. Now Accuquilt has come out with an electric model! And my unsed one now costs $200 less! Now they have come out with a new cutting machine called a "cameo silleoutte" that does lots of things (they say)????  But, is it good for cutting fabric for quilts? The multiple geometric shapes? You have to use an iron-on interfacing on the fabric before you can cut. Seems like it would be cheaper overall than the Accuquilt system but I need advice. Am disabled and on a very tight budget so must be careful. Thanks for your input and experiences.

Please login to comment