Saturday, July 10, 2010

Tackling the Fake Windows Security Center Malware

Last weekend had me tackling this tough piece of malware again.

The first attack was in January of this year on my son's computer.

We spent almost a day figuring it out.

And I decided that the program that worked to remove it should be installed on all our systems.

Regular anti-virus programs and firewalls are all ignorant of it.

This is a mean piece of malware that takes over the computer.

It easily installs itself from an infected website, and once you get the fake "Windows Security Alert" it is too late.

It doesn't look like a fake, and they want you to click on the links they provide telling you that you need to buy the software to "fix" and "secure" your computer.


There will be several other windows popping up and sliding up and down along the bottom that are meant to scare you.

What you need to do, is go to this website:, and follow the directions they provide.

They also have screen shots of what the pop-ups look like so you can familiarize yourself with them.

The one we tackled this weekend was much harder to remove than the one we had earlier in the year.

I am thinking it has morphed into a tougher rogue, and it recognized the software we had previously installed to remove it.

Unlike the first time, it had completely taken over the computer - we couldn't get online at all or use any program in the machine.

I was able to load the new Malwarebytes program on a flash drive and reinstall it into the infected machine once I had disabled all the start up options.

It works like a charm, and it cleans all the trojan files off the computer.

Just remember to keep it updated and run it occasionally as you do your anti-virus program.

I use the free version, but am giving some thought to the paid version.

The paid one would have caught it before it infected the computer.

But I have had conflicts in the past that slow down the computer once all these "safety" programs are all running.

Will just play it by ear for the time being.

No comments:

Post a Comment