protecting against fake AV software

November 3, 2009 at 14:26:36
Specs: Windows 7, 3.5GB Ram
Over the last few months, I've seen quite a few of my clients becoming infected with fake antivirus products such as "Cyber Security". This doesn't surprise me much, but here is what does. One of my business clients had a desktop infected that was protected by Symantec Endpoint Protection. I confirmed that the program was installed and configured correctly and the definitions were up to date. Yet Cyber Security still installed itself. Another client (a home user) also caught Cyber Security, even though they were running AVG Free 9.0 with definitions that were less than 24 hours old.

I'm not too worried about the specific problems; I know how to remove Cyber Security. I'm more interested in why Symantec Endpoint Protection and AVG 9 both failed to block the crapware. Certainly such mainstream products should be able to protect against such mainstream malware programs.

-Ryan Adams

Free Computer Tips and more: http://RyanTAdams.com
Paid Tech Support: Black Diamond




#1
November 3, 2009 at 16:35:08
I've had the AVG 8.5 freebie pick them up online with a big red warning, many times.

I always heed the warning of course, but I wonder if your clients don't opt away smartish. They need to know about the Alt+F4 keys because with much of this sort of crap 'No' often means 'Yes', so you have to clear the offending screen pronto, without clicking the mouse on it.

I don't know the answer to your question. Maybe they are popping up all over the place before they get noticed and databases can't get updated in time. From what I've read Microsoft Security Essentials (also free) is "supposed" to detect them so it might be worth a thought.

some other bloke...



#2
November 4, 2009 at 05:43:23
That's why NOD32 Antivirus 4 is at the top of my anti-virus software list. It blocks such malware very fast and effectively. I've used Norton for about two years and what I can say is that Norton fails to detect rogue security applications very often. I'm not even talking about zero-day malware. Cyber Security was detected one month ago. I think that is enough time to add this malware to Norton's database. On the other hand, there might be a new variant of Cyber Security. Rogue applications change very frequently nowadays. Maybe this is the reason why Norton and AVG failed to detect this malware.


#3
November 4, 2009 at 07:21:49
I might suggest running the FREE ThreatFire, which you should scan with once a week (or the paid version that does auto scans), along with the AV. It is supposed to catch anything that might try sneaking in before an AV update.
I use ThreatFire and it auto updates 2 or more times a day.
Just a thought.

Some HELP in posting on Computing.net plus free progs and instructions Cheers



#4
November 4, 2009 at 08:27:54
Yeah, there are lots of ways to block this stuff. I am just surprised that two major AV programs (AVG and SEP) are so ineffective.

-Ryan Adams

Free Computer Tips and more: http://RyanTAdams.com
Paid Tech Support: Black Diamond

