The ultimate guide to scareware protection
by Dancho Danchev | September 13, 2009 5:36pm PDT | Image 1 of 58
Previous | Next
Diverse portfolio of fake security software - scareware-
In order to avoid the negative publicity of a particular scareware brand, cybecriminals periodically change the brand and the layout of the application. They intention however remains the same - to scam gullible users.
Talkback Most Recent of 41 Talkback(s)
-
Scams
I have seen many of these screens before, on my own PC. I usually retreat to AVG, Norton, or Symantec sites to check their claims, do online scans, and Google search to find unhappy "users"
Quebec9914th Sep 2009 -
RE: Doctor Antivirus 2008 (The ultimate guide to scareware protection)
there ought to be laws... even so far as a kind of "western justice". BILLIONS of dollars are wasted each year in productivity loss due to these scams!
catcreekjim14th Sep 2009 -
TrendMicro RUBotted
You might want to check TrendMicro's RUBotted. I installed this thinking it might be a good idea. Two weeks later it "detected a bot." It instructed me to download some other software to remove the "bot." On attempting to install this software I was informed that I "must" remove SpyBot. When I did that SpyBot had a message stating that TrendMicro could not explain (nor could SpyBot) why Spybot S&D had to be removed.
I smelled a rat and removed RUBotted. None of my other detection programs have detected anything amiss.
LBean14th Sep 2009 -
semi-scare ware
The problem with RUBotted is that is also a bit
paranoid inducing. After it "detects a bot" make sure you read the log before you go to their clean up. A lot of the time its for
something on the order of somehow you talking
to a suspect site. If its something simple, just clear your log, otherwise consider using
something to clean up your system. The
problem with the online versus is that it is
terribly slow.
I think of RUBotted as a potential semi-scare
ware in that it is over reacting to a potential
problem in order to get you to go to their site
to advertise their software to you. That said,
at least they do sell real software as opposed
to fake application that do nothing real.
As to spyware search and destroy, well it does
sound kind of nasty, but it is possible that the applications do not play nicely together.
richard23314th Sep 2009 -
Trend Micro Internet Security...
I went to IS 2006 when Norton was obviously blowing itself up. I really liked the program, but had great difficulty getting the Spybot S&D immunizer to work with PC-cillin. Somehow I got them to work together, but the 2007 product was just as bloated and junky as Norton by that time, and I abandoned all suite software from then on (until now).
Standalone products work way better, and use less system resources. Spybot S&D is finally obsolete, however. My clients are doing much better with Adaware Anniversary Edition and AdWatch enabled. I think this is a move to pitch Safer-networking off the market for good.
MBAM is all you really need though(for malware) with a lifetime license on the real time protection. Just no comparison out there. Superanti-spyware may be doing this now too, but it may hog system resources; I notice the scan does, even without the real-time protection.
Believe it or not, I was basically forced into using NIS 2009 for about a year now, and no viruses! No particular performance hit either!! I was very surprised when I upgraded a client that had NIS 2005 on his older PC, and it improved the performance!! Go figure! I can now recommend it for users with a bigger budget and no particular adeptness for security.
JCitizen14th Sep 2009 -
RE: Doctor Antivirus 2008 (The ultimate guide to scareware protection)
While I have spent some time removing these "Scarware" products from our work computers, I still think a lot of the burden should be on the user (I try and teach them not to go or download them).
straylor@...14th Sep 2009 -
I heard that about the users;
But as my first boss used to say if it wasn't for the users screwing up we would have one heck of a system here.
doug.miller@...14th Sep 2009 -
I heard about users....
I think most IT professionals should bear in mind that very few organizations are in the business of IT; providing support to users (who are creating wealth by the way) is our purpose. Very few people in IT directly create wealth.....
ltrombley14th Sep 2009 -
Great wisdom...
and besides I don't fault the user, these things come in as drivebys on legitimate sites. My AV blocks them before they have a chance to get through the firewall.
On XP a good Comodo/NOD32/AdAware combo defeats them regularly also.JCitizen14th Sep 2009 -
RE: Doctor Antivirus 2008 (The ultimate guide to scareware protection)
Would that it was so simple. Gone are the days that we could say "Don't click on attachments, don't download anything and you'll be fine". These days, even visiting a reputable site like the New York Times can lead to a drive by install. Users don't have to actually do anything wrong, compromised websites, compromised website advertising and scripting vulnerabilities lead to infections very easily. Sad state of affairs.
xelan14th Sep 2009 -
RE: Doctor Antivirus 2008 (The ultimate guide to scareware protection)
WHAT SOFWARE CAN STOP-DELETE THIS NEW CODEC ATACK,DON'T LET IN???
grampa1631@...14th Sep 2009 -
NIS 2009...
I see it popup, occasionally to tell me it has kicked butt on one variant or another before it even downloads.
Thats Norton, but MBAM may be able to block it too, and it has a very economical lifetime license for realtime protection for personal use.
I've seen mine kick butt in real time on a lot of malware(some false-positives), but it won't Identify it unless it is already on your PC and being quarantined from a scan. It also fixes any registry cracks the malware has committed.
MBAM = Malwarebytes-antimalware, you can use it free as a scanner - download from CNET or FileHippoJCitizen14th Sep 2009 -
RE: Doctor Antivirus 2008 (The ultimate guide to scareware protection)
TREND MICO over the last 3 years is NOT compatable with SpyBot as well as ADAWARE. I've used the Trend AV Software for 4 years and found this out the hard way.
I removed all TRENDS Software and installed a Different one and all was good. If one likes Trend so much they won't replace it, your going to have to dao without SpyBot and Adaware. No to mention if you had SpyBot running at one time all the flagged/deleted/and quarentined stuff that gets loaded onto ones Registry.
I learned the hard way, with hours and hours of cleaning and removing stuff from my HD/Registry and then some.
Use Trend, you can't use Spybot & Adaware.
Use another AV Program and after using Trend with Spybot & Adaware your in for hrs of fun and games!
BTW; This is all listed on TRENDS Knowledge Base Page!
ltfons@...14th Sep 2009 -
Yes - after IS 2006, PC-cilline became..
a pain in the @ss! I got rid of it and went to NOD32, which LOVES Spybot, Adaware, MBAM, - it don't care 'cause it is just a dang good antivirus. The free Avast is almost as good.
Trend was almost good enough in 2006 to use by itself, but not anymore. I don't use ANY suite by itself ANYMORE, and never will. If the AV can't play nice, it ain't worth have'n. I spent two years tearing my hair out and running laboratory honey pots to find this out.JCitizen14th Sep 2009 -
The Ultimate way to stop this
Is for the various credit card industries install a method to actively deny charges to an identified scamware business. heck, they have the power and should use it to prevent this type of fraud.
CaptOska14th Sep 2009
Talkback - Tell Us What You Think
The best of ZDNet, delivered
ZDNet Newsletters
Get the best of ZDNet delivered straight to your inbox
