expectit
asked on
Why/How does XP antivirus get installed?
I have had XP Antivirus on 7 different machines, across 3 different client companies. Each client has a different enterprise AV solution deployed: TrendMicro, McAfee Managed Security, and AVG's enterprise product. Some of the machines that got infected were completely up to date with Windows patches, some were not. Some of the users that had their machines infected are known to do some sketchy web surfing, but other users don't do anything sketchy.
I've read online that the reason XP Antivirus is not caught is b/c it isn't really a virus or spyware - it is malware or rogueware. In your experience(s), are users clicking on something to allow this to get installed? Is this explanation legitimate?
I've always had good luck removing this with bleepingcomputer's combofix, so I'm not looking for help there - I just would like to understand and be able to explain why this keeps popping up. Because I'm not convinced this "rogueware, not virus" explanation is a good one, I've not been able to convince my clients that it isn't the fault of the AV program they have or (heaven forbid!) their I.T. Service Provider.
ASKER
thanks - that helps!
I have also been noticing that malware can get into your system from social networking sites. If your site (MySpace, Facebook, etc.) has an ad on it, the ad is on another website. If a hacker can gain access to the server hosting the ad images, they can inject code into the images themselves, so when you load your site, the code is immediately run on your computer. These social sites are being targeted because of their massive amounts of users, giving the new viruses/malware a HUGE target audience :D. I say make sure you are running any internet explorer OTHER THAN IE OR AOL (IE with a pretty skin on it), and also install Spybot Search and Destroy - update and immunize. And you also want a good antivirus. This way your system is protected from the standard barrage of crap floating around.