| A growing threat to PC health and network security | | | | then promise to clean all these threats from the PC if |
| comes in the form of fake anti-virus and anti-spyware | | | | the user follows a link and purchases the upgrade. The |
| programs circulating the Internet. These programs use | | | | upgrade may or may not prevent the scanning |
| a variety of techniques to infect computers. One | | | | program from continuing to report false positives. In |
| common way is with a web pop-up from a | | | | any case, it is likely to result in more serious infections, |
| compromised site, stating that the user's PC is infected | | | | as these rogue programs are associated with a |
| with spyware and offering a free download to scan | | | | variety of Trojans and other malware. |
| and clean the computer. Accepting the offer actually | | | | Some of the most malicious rogue anti-malware |
| installs the rogue software. Sometimes clicking | | | | programs have more nefarious goals. They install key |
| "Cancel" or even the red "x" to close the window will | | | | loggers to steal confidential information, or agents to |
| actually launch the installer. Other methods of infection | | | | add the infected computer to a botnet. The |
| include the use of Trojan downloaders already present | | | | prevalence of rogue security software is rising. Trend |
| on targeted PCs, links in spam, and even "drive-by" | | | | Micro has reported a 5-fold year-over-year increase, |
| infections. | | | | and estimates that these applications account for as |
| Rogue software often has a very professional-looking | | | | much as 10 percent of all current infections. |
| interface, complete with advanced graphical displays | | | | Removal of this kind of malware rarely works with the |
| and good command of security buzzwords. They | | | | normal "Add and Remove Programs" utility. Manual |
| usually link to impressive websites listing the virtues and | | | | removal usually entails booting into Windows Safe |
| industry recognition of the software - which is, of | | | | mode, searching for and removing specific files, |
| course, fictional. The names all sound like legitimate | | | | unregistering affected dlls, and editing the registry. In |
| anti-malware software, and in some cases will be | | | | other words, removal is beyond the capabilities of |
| almost identical to genuine security software. Some | | | | many end users. There are some free utilities that can |
| recent names include AntiSpyware Master, | | | | help, like Malwarebyte.com's free Rogue Remover |
| SpyGuarder, and Doctor Antivirus. | | | | utility. Naturally, a pro-active defense is preferred. |
| The primary goal of most rogue security software is | | | | Users should never trust a web site that claims to |
| to trick the user into purchasing an "upgrade," which | | | | have discovered malware on their PCs without being |
| typically costs around $30.00 to $50.00. These | | | | asked. Free scans should only be requested from |
| malicious programs will run artificial "scans" of the | | | | well-known, trusted sites. Rogue applications are |
| affected computer, and report any number of viruses, | | | | usually detected by genuine anti-malware applications, |
| Trojans, worms, spyware, and adware. These reports | | | | so keeping anti-virus programs, firewalls, and email |
| are generally all fake positives, since the rogue | | | | scanners up to date will mitigate the risk of infection. |
| software does not actually scan the computer. It will | | | | |