


Windows 7: Rogue antivirus

16 Sep 2010   #11

Windows 7 Ultimate x86
 
 

Rootkit Revealer was made by Mark Russinovich (Sysinternals) after he uncovered Sony's plot to install rootkits as a DRM measure (Sony BMG CD copy protection scandal - Wikipedia, the free encyclopedia).
I haven't used it with Windows 7 yet
I guess I'm paranoid then since it never happened on my system so far (knock on wood) I'm only the poor sod who's on call

-DG


16 Sep 2010   #12

Windows 7 & Windows Vista Ultimate
 
 

I agree with what you say, jav, that the a/v vendors need to be careful to avoid false positives. The other problem is the rapid rate the rogues are distributed. They cannot be added to detection until the vendors have the appropriate file information to add to the dat files.

Quote: Originally Posted by jav
Because in reality most rogue antiviruses do not act in a malicious way.
They don't destroy anything, they don't try to read your keystrokes, they don't try to download anything.

They just sit there and try to make the user pay for this useless software.

Rogues do more than just attempt to extort payment. Rogues are trojans and have been known to:
  • Prevent downloading to the infected computer
  • Change IE settings
  • Disable Antivirus Software
  • Disable the Security Center
  • Download additional malware
  • Add redirects to the HOSTS file (effectively blocking not only Microsoft sites but also security vendors and even security help forums)
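The HOSTS-file redirects in the list above can be checked for directly. This is an added example, not code from the thread: it parses hosts-file text and classifies every active entry that is not a plain localhost mapping. The watch list and the sample file contents are constructed assumptions.

```python
import ipaddress

# Illustrative watch list (an assumption, not from the thread): domains whose
# resolution a rogue has reason to break. Extend with your own AV vendor.
WATCHED = ("microsoft.com", "windowsupdate.com", "malwarebytes.com")
BENIGN_NAMES = {"localhost", "localhost.localdomain"}


def audit_hosts(text, watched=WATCHED):
    """Return (line_no, address, hostname, verdict) for every active entry
    that is not a plain localhost mapping."""
    findings = []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        entry = raw.split("#", 1)[0].split()   # drop comments, split fields
        if len(entry) < 2:
            continue                            # blank, comment-only, or malformed
        try:
            addr = ipaddress.ip_address(entry[0])
        except ValueError:
            continue                            # first field is not an IP address
        for name in entry[1:]:
            host = name.lower().rstrip(".")
            if host in BENIGN_NAMES and addr.is_loopback:
                continue
            is_watched = any(host == d or host.endswith("." + d) for d in watched)
            if not is_watched:
                verdict = "review"              # unexpected but not on the watch list
            elif addr.is_loopback or addr.is_unspecified:
                verdict = "blocked"             # name sinkholed to the local machine
            else:
                verdict = "redirected"          # name pointed at a foreign address
            findings.append((line_no, str(addr), host, verdict))
    return findings


# Constructed sample, not taken from a real infection.
SAMPLE = """\
# Copyright (c) 1993-2009 Microsoft Corp.
127.0.0.1       localhost
::1             localhost
127.0.0.1       www.malwarebytes.com  update.microsoft.com
203.0.113.7     download.windowsupdate.com   # TEST-NET-3 placeholder address
0.0.0.0         forum.example.org
10.0.0.5        fileserver
"""

if __name__ == "__main__":
    for finding in audit_hosts(SAMPLE):
        print(finding)
```

On Windows the file to read is `%SystemRoot%\System32\drivers\etc\hosts`; a default Windows 7 hosts file has no active entries, so any finding deserves a look.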
16 Sep 2010   #13

Window's 7 Home Premium 32 Bit
 
 

Mother-in-law just had this on her PC a few days ago. She runs Windows XP Pro. I've had this also on Windows XP Pro but (touch wood) not on my Windows Seven. What a nightmare it was recovering her PC from this, I can tell you: 46 Trojans in total!!


16 Sep 2010   #14

 

The good thing is windows 7 seems to be much less susceptible to the rogue AVs
16 Sep 2010   #15

 
 

Quote: Originally Posted by SledgeDG
since most of those rogues prevent "rescue programs" like taskmanager etc. from starting
-DG

You can copy/paste taskmgr.exe (Task Manager) from the System32 folder to the desktop and rename it to iexplore, explorer or firefox, and it should come up if an exe-killing rogue is active, allowing you to use Task Manager to kill the rogue's process and get a scan going with Malwarebytes or other apps.
16 Sep 2010   #16
jav

Windows 7 Ultimate x86 SP1
 
 

Quote: Originally Posted by Corrine
Rogues do more than just attempt to extort payment. Rogues are trojans and have been known to:
  • Prevent downloading to the infected computer
  • Change IE settings
  • Disable Antivirus Software
  • Disable the Security Center
  • Download additional malware
  • Add redirects to the HOSTS file (effectively blocking not only Microsoft sites but also security vendors and even security help forums)
Yes, sorry.
I was wrong in a way.

But most functions you have mentioned have evolved in order for Rogues to protect themselves. So, it's not actually their main task but just self-protection precautions.

Quote:
  • Download additional malware

Yes, this one needs special mention.
And it is actually a malicious thing they do, and it happens very often.

Anyway I was wrong to say they don't do acting. Regardless of what their motivation is, they really do the actions you have mentioned.
16 Sep 2010   #17

Windows 7 Ultimate x64 and Home Premium x64
 
 

I wouldn't say it is self-protection, but also to 'sell' the issue to uneducated computer users who are scared into just believing the problem exists. As viruses would also try and prevent tools from removing them as well.
17 Sep 2010   #18

 

I want to test a few different AV/anti-malware combinations on one of my computers.. If someone knows a site that's serving up a rogue av.. PM me with the link.. having a hard time finding one
17 Sep 2010   #19

Windows 7 Ultimate x64 and Home Premium x64
 
 

Quote: Originally Posted by madtownidiot
I want to test a few different AV/anti-malware combinations on one of my computers.. If someone knows a site that's serving up a rogue av.. PM me with the link.. having a hard time finding one
Meh... If you really want to try and get yourself infected... Try the following searches:

Search for Lyrics - Strangely enough a lot of crappy lyrics sites.
Search for MP3s - Particularly popular music MP3s you can get for free
Porn - Invariably, some really lame Porn sites will also have some form of malware.
Game Cracks - Which tend to also invariably lead to porn ads and other crap you don't need.
Avian/Swine Flu - Silly as it may seem, the latest disease scare means people worried about it will invariably look it up and get hit.
17 Sep 2010   #20

 

There's a good reason for my wanting to do it.. I get quite a few customers with rogue AV infections (almost all of which are XP systems), and I want to find an easier way to remove them, and hopefully find a completely free AV/AM combination that stops them beforehand. Besides, I can reinstall from an image in about 20 minutes and I have several computers to work with, so I'm not really worried about it

... tried the above suggestions... took me 5 minutes to find some infected sites.. all of which were blocked by malwarebytes RT scanning