Quote: Originally Posted by nathal
Why is it that no anti virus program seems able to thwart the Rouge Antivirus viruses? lots of folks get tricked by these, and the major anti virus companies have done little to stop it. Anybody have any idea why it is so tough to prevent infection from these sorts of viruses?
Because in reality most rogue antiviruses do not act in a malicious way.
They don't destroy anything, they don't try to read your keystrokes, they don't try to download anything.
They just sit there and try to make user to pay for this useless software.
So, as you can see it is really hard to detect them as they don't act too aggressively.
Most real AV company have to walk on thin line, if they make their own engine aggressive in order to detect Rogue security software, they run a risk of detecting normal legitimate software (which happens to be trial, so asks money for upgrade).
That's why increase aggressiveness level in order to detect rogue AV can trigger high amounts of False Positive detection, which in some situation can be fatal to the system.
This is one of the main reasons why they are hard to detect.