One of the many things that being a member of the Blogging community permits me to do, is pass on critical information concerning new, or evolving, Internet security threats.
Often I am notified of these threats by readers who either email me directly, or by readers commenting on a particular article.
Such was the case this morning when I received a comment from Mark, a Blogger himself at mark-techwalker pointing out the dangers of PCAntiSpyware a cloned version of the rogue anti-spyware threat PCCleaner. You can read his article on how this virulent piece of malware infected his daughter’s machine on his Blog.
In researching this malware I have discovered that PCAntiSpyware is capable of hijacking the desktop, after it infects a computer, by way of web browser security holes. As well, it can be inserted onto a machine by a number of Trojan downloaders.
As with all rogue security applications, PCAntiSpyware was developed to mislead unaware computer users’ into downloading and paying for the “full” version of this bogus software, based on the false malware positives generated by the application. Of course this application, since it is rogue software, can not detect or remove spyware.
Worse, PC-AntiSpyware has the potential to gather private and personal information from an infected machine. This could include passwords, credit card details, and other sensitive information.
As Mark pointed out in his comments, PC-AntiSpyware relies, to some extent, on social engineering to convince unaware users to install this very dangerous malware application. Remember that you are your own greatest line of defense against social engineering attempts. STOP. THINK. CLICK.
Generally, reputable anti-spyware software is capable of detecting rogue software if it attempts to install, or on a malware scan. But this is not always the case. Anti-malware programs that rely on a definition database can be behind the curve in recognizing the newest threats.
A good partial solution to this problem is to ensure you have installed, and are running, an anti-malware application such as ThreatFire 3, free from PC Tools. This type of program operates using heuristics, or behavioral analysis to identify newer threats.
As well, Malwarebytes, a reliable anti-malware company has created a free application to help keep you safe and secure. RogueRemover will safely remove WinAntiSpyware/WinAntiVirus, SpyAxe, VirusBlast, VirusBursters, as well as a number of other rogue applications.
An absolute must is making sure that the security application you are considering installing is recognized as legitimate by industry experts. An excellent web site that will keep you in the loop, and advise you what products work and have a deserved reputation for quality performance is Spyware Warrior.
PCAntiSpyware quick facts:
- Changes browser settings
- Shows commercial advertising
- Stays resident in background
- Has the potential to steal private information
11 responses so far ↓
Don’t Install PCAntiSpyware - Rogue Security Software! // May 4, 2008 at 2:30 pm |
[...] [Technorati] Tag results for spyware wrote an interesting post today onHere’s a quick excerpt One of the many things that being a member of the Blogging community permits me to do, is pass on critical information concerning new, or evolving, Internet security threats. Often I am notified of these threats by readers who either email me directly, or by readers commenting on a particular article. Such was the case this morning when I received a comment from Mark, a Blogger himself at mark-techwalker pointing out the dangers of PCAntiSpyware a cloned version of the rogue anti-spyware th [...]
Nick Skrepetos // May 4, 2008 at 5:07 pm |
SUPERAntiSpyware Free Edition will remove and protect against these rogues as well. Having multiple layers of protection is the key as no single application can catch everything on a given day.
g // May 4, 2008 at 10:41 pm |
I’m pretty paranoid.
I run Lavasoft adaware, AVG8, spybot, and ccleaner.
Samuel John // May 5, 2008 at 2:10 am |
Thanks for Sharing this usefull information on AntiSpyware. It helped me greatly.
Install AntiSpyware
Kurt Baumgartner // May 5, 2008 at 1:48 pm |
Bill- Thanks so much for checking out ThreatFire in relation to protecting users against Rogue AntiSpyware.
We blog about the different varieties every now and then, and to add a quick thought to your discussion, I’d like to mention that we’ve seen these rogueware families as the most prevalent malware in 2008 altogether. Every day, users are convinced that they should install this stuff.
The makers churn out new themes for their fraudulent software every couple of weeks, and the list of variants is getting very long. Thanks for giving the problem some deserved attention.
Kurt
Radamés // May 6, 2008 at 10:39 am |
Hi Bill, this is another example of how people fall in traps because their lack of techno-knowledge.
Bill, I’m having problems with VLC Media Player in Vista; I hear the sound of the video but the image is black. I suspect I need a codec, but I dont’n know what exactly I need. Any ideas?
JASON // May 8, 2008 at 2:52 pm |
Added to my blacklist
thanks bill….
anti spyware software // May 10, 2008 at 4:29 pm |
[...] machine. This could include passwords, credit card details, and other sensitive information.http://billmullins.wordpress.com/2008/05/04/dont-install-pcantispyware-rogue-security-software/SpywareBlasterPrevent the installation of ActiveX-based spyware, adware, browser hijackers, dialers, [...]
Using Vista’s Backup and Restore Center « Regularpcuser’s Weblog // June 14, 2008 at 2:04 pm |
[...] Antispyware programs was very informative about rogue programs out there now and can be found here http://billmullins.wordpress.com/2008/05/04/dont-install-pncantispyware-rogue-security-software/. Bills blog is quite informative and very well done. I recommend you check it out for a number of [...]
John H Doran // February 22, 2009 at 2:21 pm |
I have Norton , ascentive and Webroot Anti spyware programs.
Ascentive identifies 2 spware programs while Norton and Webroot do not identify spywares.
My question are : is ascentive reporting a false positive? Is Norton and Webroot failing to report a positive.
Bill Mullins // February 23, 2009 at 11:42 am |
Hi John,
It is not unusual for anti-malware applications to report false positives.
In the case of Ascentive however, I recommend that you read “Finally
Fast.com – Fast Scam! Free Alternative
Software”,
on my site, for a review of Ascentive’s products.
Bill