Prevention and Removal
How to protect your computer and your wallet from rogue applications?
- Update all software (Windows, Office and 3rd party applications)
Use an anti-virus program that will guard not only your computer files against infection, but will also protect you while you surf. There are a number of good free antivirus program available - Avast!, for example.
- Use a non-admin user account in Windows or enable User Account Control (UAC) in Vista
- Enable the security features in the browser. Example: Internet Explorer has SmartScreen Filter that will check a website or downloads for unsafe contents
Delete spam and never install a spamvertized product. You can use ePrompter or Mailwasher.
- Use a two-way firewall protection
Add extra layer of protection if your antivirus program or firewall do not block rogue and bad websites – HOSTS file, restricted sites, Web of Trust, SiteHound, and SiteAdvisor et al.
Monitor the activity in your computer using WinPatrol
- If you are advanced user consider using Windows SteadyState, ShadowMode or Try&Decide.
- Backup regularly (consider storing your backup in external drive or by using online backup service)
- Always check if System Restore is running and working by creating a restore point before installing any application.
Not all anti-virus programs will catch everything. Consider installing an on-demand anti-trojan or anti-malware scanner that is compatible to your existing protection (a-squared, for example)
- Do not download crack or pirated software or music. Most of these have Trojans that will infect your computer.
- Avoid visiting unwanted websites. Use a website rating product such as WOT, SiteAdvisor, LinkScanner etc so users in your home PCs will be warned before they click a link.
Removing rogue applications
Some months ago I decided to put some anti-malware programs into test by checking their detections to new and old rogue programs. The result was disappointing because not every malware scanner will try to detect all known fake scanners especially the old rogue products. I’m glad though that most of them have added the detections and understood that even old rogue malware scanners can still be pushed or easily to found on the internet (especially if a user misspells a keyword or visits some blogs or sites that are compromised).
The images on this page are examples of rogue website showing a fake message. The test system is using up-to-date antivirus by Avast with Web Shield, TeaTimer by Spybot-S&D and SmartScreen Filter in Internet Explorer 8.
If you will see a fake message on webpage or on your computer, do not pay for the program to remove the fake security threats. You should attend to it by running a scan using trustworthy scanners. If your antivirus failed to protect you against fake malware scanners, you should consider installing antivirus that has advanced protection or add extra layer of protection.
If you need help in removing any type of infection (worm, virus, spyware, adware, rootkit, Trojan, rogue applications), you can easily get help by going to security forums that offer HijackThis analysis. Do not simply trust any calls from tech support that you do not know - those are scammers. Example: supportonclick.com, Support on Click or supportonclick, are all offering remote computer support services and pretending that they are working from Malwarebytes Anti-Malware (a reputable security company).