Bad things all around: The software is phoney. It generates false alerts. They charge people for it. And most folks are either too embarrassed or too ignorant to stop the charges.
July 27, 20107 CommentsRSS feed for comments on this post. Sorry, the comment form is closed at this time. |
When I got my first PC a couple of years back I was learning about the internet and I got one of those on my PC called something like XP anti virus, I had no idea what it was an assumed it was windows own program, it was only after one of my friends explained about the whole fake anti virus thing, did I then understand what was going on. Norton was put onto my machine and took well over 30 viruses of there including the XP anti virus. I have noticed that they are updating these rouges to make them look like windows 7 alerts, and they do look very realistic. So to the untrained person they could easily be fooled.
Comment by chiefnoobie — July 28, 2010 @ 4:42 am
And that’s exactly how the scam works. Some people can’t tell the difference. It’s really sad, especially when they keep paying for the software that’s causing the problems.
Comment by admin — July 28, 2010 @ 7:27 am
I honestly think that the same group of maybe a dozen people (at most) are responsible for most of those rogue AV software. I’ve taken dozens of them off my different friends computers, and some of them really bury themselves in the system. The people who make these are very skilled and very dedicated to their scam. Most of the fake ones will give you an 1-800 number to call for support. But when called, the 800 number will automatically transfer to a 900 number without telling you. Then the fake company will keep you on as long as they can because the longer you’re on the more money they make.
Comment by gamerguy473 — July 28, 2010 @ 8:48 am
I have a feeling it is quite a lucrative industry these fake anti virus programs. Just think of the effort it takes to put them together. It’s not like in the early 90’s where a few college kids will have a good laugh to see who can make a virus I think unfortunately it must make quite a bit of money. You are right it took some getting rid of the one I had. My friend was on the verge of wiping the hard drive but after putting it through a few decent ‘real’ anti virus programs got the damned thing off. I think they also generate more viruses as soon as it’s on the system.
Comment by chiefnoobie — July 28, 2010 @ 12:13 pm
I’ve had the rouge antivirus software before. That was not fun; I ended up just doing a wipe of the hard drive. Quicker than trying to clean it off though 😛
Another thing the stuff does is use SysInternals BlueScreen ( http://technet.microsoft.com/en-us/sysinternals/bb897558.aspx ) and then do “shutdown /t x /r” to fake the system actually having a STOP error while locking keyboard input so that the fake STOP error won’t go away when a key is pressed (That’s how BlueScreen is made, to go away with a keypress).
But, I haven’t seen any source code to it so all of that is just a guess, but I think it might be a very good guess.
Comment by linuxlove — July 31, 2010 @ 4:29 pm
Let me clean my guesses up…
1. Virus triggers SysInternals BlueScreen to generate a real STOP error without crashing the system
2. Virus locks keyboard input so the user can’t press any keys to get the STOP error to go away
3. “shutdown /t x /r” is started, where x is a delay in seconds until the shutdown event; the /r switch was specified so in x seconds, the system will restart
Or, you can force the system to make a fully genuine STOP error instead of just using SysInternals BlueScreen. It’s talked about here: http://www.betaarchive.com/forum/viewtopic.php?p=161361#p161361
Comment by linuxlove — July 31, 2010 @ 4:34 pm
That’s interesting, a fake blue screen I can remember trying to use my keyboard to stop the thing bay pressing crt alt delete, and it started doing wacky things. I’ve also remembered what I tried to do to solve the XP anti virus on there (this was before I knew what I was doing) I was looking online for another anti virus to get the rogue off and I came across this so called anti virus called Stop Zilla. And unbelievably this to was a dodgy program if not a rouge it’s self, so I had inadvertently put 2 on there! I just checked and it is classed as malware. One thing that me dubious about this program was the fact that when you started up the PC it made a dragon roar noise!! Then of course it stared saying you have lots of viruses on your system please phone this number etc. One free program that I did manage to get on there before all failed was super anti spy ware which did work and is real. It saved saved my PC until my friend could install Norton for me. Having said that I later found Norton to be not all that good. I am now using Kaspersky and I have had no problems.
Comment by chiefnoobie — August 1, 2010 @ 3:02 am