Rogue Programs

• On this page:
• How to avoid the traps of rogue software and false advertising.
• How to check for and remove rogue software that might already be in your PC.

What are Rogue Programs?

People concerned about computer security have been talking about a pest that they call 'rogue software' or 'rogue programs'.

A 'rogue' is usually software that pretends to be a useful security-related program – e.g. anti-spyware software – but is sold with misleading (or just plain false) advertising and is often bad quality – or worse, a real, serious security threat (such as spyware).

An analogy:
The sellers of rogue programs are like the people that carry out various home-security scams: e.g. they sell poor quality burglar alarms and home security devices.
They over-state how effective their rubbishy products will be.
They advertise in a crime-ridden area so they can exploit householders' fears and exaggerate the level of danger.
Then they claim their products are an excellent solution. In fact they are poor quality: security experts would supply much better protection for the same price or less.

Sometimes these scammers will carry out a few break-ins and burglaries in the neighbourhood – to make sure that home security is on everybody's mind when they come knocking at doors.

In the case of computer security:

• The crime-ridden area is the internet
• People quite rightly have fears about virus and spyware threats. But the scammers will exaggerate this with fake scans that always claim 'your computer is infected!' or something of the sort.
• The rogue programs are the rubbishy products sold with exaggerated or false claims about what threats exist and the quality of their solution.

In short, the usual behaviours of rogue programs include:

• Aggressive advertising
• False advertising
• Fake 'scans' of your computer
• Software that is not very good

The anti-spyware business has attracted a lot of rogues.
In this market the rogues can exaggerate and exploit the concerns that people have about spyware. Also they can easily lie, simply claiming that their scan has 'detected spyware on your PC'.

The good news:
The good news is that we can learn to spot rogues and avoid them.
Avoiding rogue software is a lot easier than getting rid of a pushy salesperson who actually comes knocking at your door.

If you are new to all this, and want a quick explanation about spyware and adware then check our pages:

About Adware on our Adware Information page.

About Spyware on our Spyware Information page.

Below on this page we explain how to spot the rogues and avoid them.

How can we avoid rogue programs?

Our main message here is that we need to be very careful when choosing security software, especially anti-spyware tools.

I keep mentioning anti-spyware tools when I talk about rogue programs. However rogues come in other forms too: e.g. poor quality anti-virus software, or something that says it will tweak and optimize your system or registry and remove 'problems' that it has 'detected'.

For some trusted brands of registry utilities see our page about registry tools and similar software.

In short: Don't just download and install any old thing that you might see advertised on the internet. There is too much false advertising and rogue software.

Rogue Software and False Advertising

Unfortunately, not everybody claiming to offer you anti-spyware software (and other security tools) is an honest dealer.

Here is a quick list of things to watch out for: this will help you steer clear of rogues.

Rogues that use False Scan Results

Some sellers falsely claim to find spyware or other security problems on your system with their free scan. This is just to frighten buyers into paying immediately for the software to have the 'problem' removed.

This scare tactic is known as deliberately showing 'false positives'.
(Note that this is not the same thing as when your security software makes an honest error, which can also often happen.)

Completely False Advertising

Worst of all, some supposed anti-spyware tools are nothing of the sort but will, themselves, expose you to spyware or adware. This is real rogue software, the main danger that the people at Spyware Warrior and Malwarebytes are fighting to stamp out.

See also: our glossary page has information about rogue programs. (Glossary links open in a new window.)

Fake scans along with aggressive advertising

Some anti-spyware and anti-virus advertisers use aggressive advertising with fake 'Windows Alert' messages and scare tactics.
I mean images like this below...

...which often have an alarming message to suggest that your Windows system is in 'danger' or 'infected' or likely to crash, and so on.
Sometimes the the entire image is a link: the idea is that a user might click on the X to close the message but will but taken to the advertiser's web site instead.
This technique is known as using a 'FUI', i.e. Fake User Interface. Respectable software suppliers do not use this trick.

Rogues that use Pop-Up Downloads

Some rogue spyware tools try to force themselves on you with a series of pop-up boxes, usually incorporating fake user interfaces along the way.

Here is one I encountered recently. It claimed that it had already 'scanned my PC' and found potential threats.

This kind of fake user interface with pop-ups intends to trick you or force you to download the software.

There were previous dialogue boxes like this: it didn't matter what button I clicked on, e.g. YES, NO, CANCEL or whatever. The pop-ups kept pushing me towards the point where I would install the software no matter what options I clicked on.

Notice the fake 'CRITICAL' notices – it claims to have 'detected' trouble on my PC.

In case you have any doubt about this kind of thing, I can assure you it's fake because it all happened on my Linux computer which does not have any of those files and folders.

By the way, when I first saw the 'advertising' for this rogue I blamed the internet advertising company. I thought they must be unethical to allow advertising like this on their network.

However, according to one advertising company, the rogue advertisers can trick the internet advertising company (i.e. the company that actually serves the ad out to web sites).

The rogue advertisers first submit an unobjectionable ad to be displayed: then once it is accepted they switch it with their pushy pop-up advertising.

I imagine it would be quite difficult to carry out this kind of trick on the bigger advertising networks like Google, Yahoo and MSN. But there are a lot of other networks.

Rogues that are Just Plain BAD Quality

Some anti-spyware tools are just incompetent, unable to completely remove some of the well-hidden spyware.

(Here is where we list reputable brands that can be trusted.)

It is a case of 'buyer beware' and we should not get a false sense of security just because we used one tool that reported it found no spyware, or that it found some and fixed it.

Choosing anti-spyware software

So, there is a lot of anti-spyware tools we can get but some are rogues: how do we know which are good?

Well, you could just trust us and see our page about good adware protection and anti-spyware software.

But you don't have to trust us.
There are other people on the web who expose rogues and scams. They identify software that is sold with false advertising, software that's just useless, and 'anti-spyware' software that is itself spyware.

You can narrow down your choices by starting with some of the tools identified at Spyware Warrior as being reputable and worth using.

(We have included most of those on our page about good anti-spyware and anti-adware software.)

And of course you would definitely NOT use anything that is on the blacklist.

Buyers' Guide

Suppose you are looking for anti-spyware software: you see a product advertised or you hear about something that sounds good, but you have not heard the name before.
You don't know what kind of reputation it has. In that case I strongly advise you to check the Spyware Warrior Blacklist and avoid anything listed on it.

Here's how:

• Go to Spyware Warrior's list of rogue anti-spyware tools:
• Check the (alphabetical) list of bad anti-spyware tools there:
• Make sure the software you are thinking of using is not on the blacklist.

Please remember that a blacklist like this (there are others too) is the author's own opinion.

Another list can be found at Malwarebytes, home of Malwarebytes Anti-Malware.
(See below on this page to find out what Malwarebytes Anti-Malware is for.)

The attitude behind the blacklists is usually that it is better to be safe rather than sorry: their lists might be based on quite high standards.

Perhaps you already have a spyware tool, what do you do if you find it on a blacklist?

Don't worry.
It may be a perfectly good tool, but the people keeping the blacklist disapprove of the way it is advertised (e.g. if it is advertised with scare tactics). They may just think that the tool is incompetent and a waste of your money. (These people are just trying to help.)

You just need to find out why it is on the blacklist.

The only reason to be really worried is if the software is actually exposing you to spyware or other malware.

If that's the case get rid of it.

If you are not sure how to get rid of it, see below on this page: that's what Malwarebytes Anti-Malware is for.

Note

Sometimes good software is on a blacklist because people who are not the software maker advertise it by unethical means.

For example, you can buy anti-spyware tools directly from this very site: e.g. you can buy Webroot's Spy Sweeper from here.

But if I was using false advertising and wild claims to persuade you to buy Spy Sweeper, it would not be the fault of Webroot.

But it might be enough reason for Spy Sweeper to appear on some blacklist, although it comes from a respected company.

In any case, on the lists of rogue programs at Spyware Warrior and Malwarebytes you can see the reasons for programs being identified as rogues.

By the way, if I did use false advertising on this site I am pretty sure Webroot would quickly forbid me from recommending and displaying their products. So would any of the other respectable security companies whose products are mentioned here.

To Remove Rogues: Malwarebytes Anti-Malware

Problem:

I already installed anti-spyware tools – but now I think they might be rogue programs: what can I do?

I think a website that my children used has installed a rogue program: what can I do?

Solution:

There is a specialised tool for finding and removing bad anti-spyware tools and other rogue programs:

That's Malwarebytes Anti-Malware. (You can download the free version from that link.)

Why would Malwarebytes Anti-Malware be good at finding rogue programs?

Because they formerly had a separate program dedicated to handling rogues.

Presently the technology is incorporated into a single, more comprehensive, anti-malware program.

The rationale of Malwarebytes is this: there are other good antivirus and anti-spyware tools. But new kinds of malware are always appearing. Their behaviour or methods do not always fit the typical characteristics of something like a virus or worm. So some specialist attention to detection and removal is needed.

The question of removal is no small matter. The removal of some pests is quite tricky. Also the job might be outside the scope of what anti-virus software would normally be expected to do.

Malwarebytes Anti-Malware is available in about 30 different languages.

You can get a very functional free verson of Malwarebytes Anti-Malware from the links here. (Look for the 'Download' buttons on the Malwarebytes site.)

Like most of the good guys in the PC security business, the people at Malwarebytes will not leave you stuck: i.e. you get a free scan and clean-up of rogue programs. No payment is required unless you want to activate extra features later.

Also: If you want to upgrade to the fully featured version the price is a once-only payment. (That's for private customers - businesses have a different arrangement.)

This is excellent value for money because, as I am sure you have noticed, a lot of software these days is sold on the basis of an annual license.

Malwarebytes has an excellent forum on their website. It is frequented by both security experts and ordinary users and is very friendly. You only need to take a quick look at the forum to be assured that there is plenty of support for users.

Prevention is better than cure: Malwarebytes Anti-Malware also provides protection to keep you safe from websites that can stealthily install rogue software without your permission.

This is paticularly useful if other people (e.g. your children) use your computer. You yourself might know better than to install rogue programs or fall for the usual tricks, but other users might not be so careful.

Gallery of Rogues

It can help to know some of the 'infamous names' of spyware. NoMoreSpyware lists some of the names of known spyware and the names of companies, people and websites that spread spyware.

At spyware-techie.com you can read about a lot of rogues and fake security tools that the Techie finds. Things like "AntiSpywareExpert" and "VIPAntiSpyware" that have nice names but are threats, not helpers.

The Spyware Techie describes these rogues well. In case you have unwittingly installed some of this malware, he explains how to remove them too.