Video Screencast Help
Symantec Appoints Michael A. Brown CEO. Learn more.
Security Community Blog

Article: 5 software titles you should definitely NOT install

Created: 02 Oct 2009 • 2 comments
riva11's picture
+11 11 Votes
Login to vote

I read an interesting article on PC Authority " Fake Antivirus: 5 software titles you should definitely NOT install ", there is a good description about the dangerous attacks by rogue security products.

Follows the Top 5 list of rogue security software titles to avoid (extract from Fake Antivirus: 5 software titles you should definitely NOT install ) :

1) SpySherrif

How it works:  This piece of malware does it best work by informing computers of false threats to their system. It's mostly found via web typo's (Toggle) and via infected software downloaded over P2P networks.

Threat value:  SpySherrif is extremely difficult to remove by traditional security scanners. In additional to credit card fraud, this piece of crafty spyware can block internet connections, create multiple administration accounts, stop critical programs from responding and block access to several useful websites that might be used to clean any malware infection. 

Also known as: System Security, SpywareStrike, SpyShredder and Spybot - just to name a few.

2)  WinFixer

How it works:  Frequently launches pop-ups that offer trial versions of anti-virus suites that can scan machines for non-existent infections. To remove the fake Trojan, users must purchase the program.

Threat value:  Used mainly to extort users through credit card fraud.

Also Known as: WinFixer goes by many names, titles that sound much like genuine security suites. These include WinAntiSpyware, AVSystemCare, WinAntiSpy and Windows Police Pro. There are among 20 other given names for WinFixer.
3) MacSweeper

How it works: Known as one of the first rogue security applications to target the Mac Operating systems. It's easy to catch too: web typos, drive-by downloads and piggyback downloads hidden in other applications.

Threat value:  This one has been busted by the big security firms already and there are instructions for removal available online. The usual credit card fraud aspect applies and encourages users to pay for a full trial version.

Also known as: KiVVi Software, Cleanator.

4) Green Antivirus 2009

How it works: Green Antivirus is unique because it places a spin on the traditional fake anti-virus suite, by adding a moral incentive to users. The fake program often promotes to donate $2 of each downloaded software title to a particular charity in need. This is done to make the software appear more legitimate.

Threat value: Credit card fraud warning.

Also know as: Green AV.

5)  MS Antivirus 2009

How it works: With a name bearing the false credentials of the biggest software company in the world, this particular rogue security suite is particularly well positioned to take advantage of number one branding. Works in same manner of other rogue security suites by offering to scan computer for free.

Threat value:  It's Microsoft OS dependent, so you'll need to be on a Windows machine to be a viable target. However, once downloaded, the malware can disable genuine virus scanners and make it difficult to remove.

Also known as: Extremely popular and ever changing its name, it's also known as Windows Antivirus, Win Antivirus, Antivirus Pro and Antivirus Pro 2009 - among many many others.

Comments 2 CommentsJump to latest comment

shp's picture

Good one... 

Regards,
Srinivas H.P.
HCL Infosystems Ltd

+1
Login to vote