Rogue AV
January 14th, 2010
I am increasingly seeing cases of infection from Rogue AV software. My company is currently working on phasing out our old Symantec 10 and replacing it with Kaspersky, but in the mean time we keep getting these infections.
Luckily the infections have not been very destructive. They are only in one user profile and are usually just an EXE in either Application Data or Local Settings/Application data.
Kaspersky’s viruslist.com has a good article talking about why these are so prevalent and how they are getting past some AV products. The article can be found here.
