These are usually anti-spyware or security software applications that use various forms of deception and/or unethical means or show a history of negligent false positives to goad the end user to make a purchase.
In some cases these applications maybe downloaded with some form of unwanted software at which point the rogue application is offered to the customer as a way to remove the unwanted software.
Comment:
This is a security program that can distribute itself from shady affiliates through an Active X control. The site uses Flash to inform the user that "pornographic and sensitive" files have been found. The number of files it reports may be the same on several separate PC's. Clicking the Flash content starts a download of the software.
Screenshots:
This is the installation of DriveCleaner 2006 Free.
Usually I can spot these threats a mile away but at the time i was rather tired and distracted fortunately (I HOPE) my anti virus software detected a trojan within the software so I canceled the installation then did a search only to find that a pf (pre fetch instruction had been placed in my system. I then did a registery search for all mentions of drive cleaner and deleted them along with all mentions of drivecleanr as well may not have got it all. I hope there are plans afoot for placing some kind of legal procedure that could allow countries to prevent software like this from being used in their country and possibly blocking sites that use this form of hijacking. Maybe an international register that would redirect anyone to a goverment site stating that these sites may harm your computer and then giving people the choice of if they wish to risk such harm. Such a register woul;d also provide an opportunity for these sites to clean up their acts and a legal route that would allow them to be removed from the register over time (obviously for a fee that should be set high). I would also be ameniable to the names of the web designers names and any other persons name being placed on such a register so as to prevent them from just opening another site. While some of what I have said may be impractical I feel that something should be done on both a local and international level to prevent such threats from harming individuals use of the internet
6 [