Rogue Antivirus: What, Why, How?

Posted on: August 20th, 2012 by

The idea of a rogue antivirus is a little difficult for the average computer user to wrap his mind around. Numerous questions pop up when a computer is infected: How did the software get onto the machine? Who is responsible? What do they want? Why are the authorities letting them get away with it? None of the answers to these questions are simple but we’ll give it a try.

How did I get this rogue antivirus on my machine? That is almost always the first question asked when a user is told they have a rogue antivirus on their machine. 9 times out of 10 the answer is “You clicked on a popup and downloaded it yourself.” “But wait!” they respond, “My antivirus did a scan and it told me I had viruses.” This is where the confusion starts: the “scan” that you saw wasn’t a scan. It was an advertisement made to look like your antivirus software. No matter what you thought you were doing, when you clicked on that graphic, your headaches had just begun. That is how most of these adventures start, but there are also infected websites and drive-bys. In general, though, the user starts the process.

How did it download? Either the software you downloaded had a backdoor that hid it from your antivirus software or the very first thing that the rogue did was disable your real antivirus software. So now the rogue has the ability and permission to take over your machine and there is almost nothing you can do about it without some serious help.

What now? First, the rogue pretty much takes over your machine and won’t allow you to do anything. Likewise, it won’t allow itself to be removed by normal methods. It also won’t allow you to go to antivirus websites or other places that can help you out. What it does do is direct you to activate your antivirus to remove the viruses and “get protected”. You are basically being instructed to pay some criminal $30 to activate the antivirus or you can’t use your computer. Most people still do not realize what is going on; they think they have a virus and that the rogue is protecting them, so out comes the credit card and into the hands of a criminal.

On a side note, it almost wouldn’t be so bad if you could say, “Okay, you got me. Here’s my $30. Now let me remove this and move on with my life”, but that’s really not the case. Understand that the coding efforts of the writers of this rogue are not focused on customer service and uninstalls; they are focused on getting it installed on as many machines as possible and getting money out of all of them. So even if you did pay, that in no way means you get your computer back, but it is a surefire method to have your credit card passed around the internet. Watch out! Lastly, you can assume that these fine people are going to do their best to continue their marketing efforts and use your computer to spread their rogue software to your friends and networks.

So how do I get rid of it? The process of removing a rogue is not simple, even for an experienced computer user. It must be done manually and can take some time. By the time you recognize what you have, your best bet is to shut down your machine, pack it up and head to the local computer shop or try one of the many online technical services.

Can I prevent this? Can anyone prevent this? How do I keep this from happening again? The government is always trying to shut down these networks, but it is safe to assume that many of them operate in countries that aren’t supportive of our government or people. Our government can only operate where the local governments allow and many of these networks are protected by local governments.

The best way to protect yourself is to use common sense and never, ever click on a popup that seems to be coming from your computer. If it is coming from your computer, open that program (not by clicking the popup!) and find the issue from within. Don’t be tricked into clicking a popup or downloading software because an advertisement says you should. Writers of rogue antivirus are smart guys and will continue to evolve as people become savvier. The best defense is your common sense.
