I'm a young computer programmer looking into computer security and I wanted to ask a few questions.
1. Over the past 3 months, I've been hit with 3 various rogue anti-viruses, 1 of which I successfully removed, 1 I had to go to experts, and 1 more I'm in the process of deleting right now. I've noticed a few particular things that I find interesting about them. One thing is that every time there is a rogue anti-virus attack, I go to the processes list in the Windows Task Manager and find several processes with mirror copies of each other running side by side. My question is, how come anti-virus software can't pick this up?
2. When I looked through the processes list during one of the rogues, I noticed an interesting process with a description written exclusively in Russian. That is the only process I've ever seen on any of my 3 computers with a description written in Russian. After terminating the process tree, the rogue temporarily stopped its attack long enough for me to access the internet and various other applications. If I alone was able to do this, why can't an anti-virus application figure it out as well?
3. Rogues, trojans, worms and viruses are known to use the dirtiest tricks possible to achieve their result. Why can't an anti-virus be designed to do the same? I've heard of rogues that are able to shut down the system's native anti-virus and embed themselves as deep sometimes as the BIOS system. Why can't an anti-virus be designed to do so itself? So that even if the anti-virus is disabled by a rogue, it can restart itself on a dime.
4. Anti-virus companies overblow their claims way too much. They claim that they can cure anything and everything. "Make your computer run faster than ever." And lately I've been finding rogues and anti-viruses ever harder to tell apart. I've had an instance where an anti-virus actually acted as if it was a rogue. I panicked, deleted it, only to look it up months later on various sites and find out that it's a legitimate anti-virus. I have to truthfully admit that I've found open source, non-profit sites and applications to work better and do jobs that I pay professional anti-virus companies to do much better. In short, why can't these companies just go back to the basics of solving problems instead of earning money?
Thanks for taking the time to read all this.