How Did the Rogue Security Software Install Itself on My
Computer?
Sometimes a rogue spyware removal program, security program, or other
unwanted program will suddenly appeared on your computer without your
permission and want you to buy it to remove the fake alerts and other
issues claiming your computer is infected. Most of these infections are
described by the term "drive-by". In other words, you visited an
infected website or clicked on an infected search engine result and you
are presented almost immediately with alerts telling you that your
computer is infected. The creators of such sites are very good at
social engineering. They lure you into clicking on a link to install a
removal program, or worse yet, entice you into paying for a program and
thus stealing your money and possibly even your identity. Once you've
clicked on their link or accepted the installation, the site might
install a trojan that takes over your system, a rootkit that redirects
your search engine results, or even a keylogger to record what you
type. They might show popup ads, slow down your computer, disable
Windows updates, antivirus programs, and firewalls. These programs can
be very dangerous and need to be removed immediately.
Some of the infections may have come from you downloading an infected
codec file when you were trying to watch a video online, like the Zlob
trojan, or opening an infected PDF file. Malicous flash or java
programs can also infect your computer with these rogue security
software programs.
Finally browser exploits, security issues in the browser, can allow some of these infections to install themselves.
How Can I Protect Myself
There are a number of things you can do to protect your computer from
becoming infected with a rogue security application.
- Keep your Computer
up-to-date with Windows Updates
- Keep your Antivirus,
AntiSpyware, and Firewall Applications up-to-date
- Be careful when clicking on links in email or on social
networking sites
- Be aware of phishing scams and how to avoid them. Phishing
scams are generally emails wanting you to go to a web page and enter
personal information about your bank, credit card, or other private
information that can be used in identity theft. No legitimate
organization will ever instruct you to go to a web site and enter this
info. If you have a question, stop and call the organization directly
about the email.
- Use a limited user account instead of an administrator
account when surfing the net. Limited account will not allow you to
install programs without asking for your permission and a password
first.
Step by Step Directions for Removing Rogue Security Software
Programs
Listed below you will find various pages on how to remove these fake
spyware cleaner programs. Not every rogue security program is listed
here, because most can be removed using a standard removal procedure in
Windows Safe Mode with
MalwareBytes AntiMalware.