
On visiting an infected website, this rogue uses a variety of animated images to simulate an online scan that fraudulently claims to find many non-existent malware items on the victim's system. The purported scan runs even if the user clicks the Cancel button. The scareware starts downloading in the background irrespective of where you click on the fake Windows Security Alert popup. In Windows Explorer 8, the tab re-spawns even if it's closed.

This installer (setup.exe) is fairly new, as only six antivirus engines detect it as malware at the time of this writing. It installs a well-disguised fake Windows Security Center, where all the links goad the victim to register the software.

It uses a flurry of Windows slide notifications and yellow bubble messages to scare the user into downloading and installing other fake security software. Currently it promotes and installs any one of the following fake security products: Quick Heal Cleaner, System Cop, BlockDefense, SaveDefense, Trust Ninja, SaveSoldier, SaveKeep, Winishield or WiniFighter.

Method 1: (Manual)

Fake Windows Security Center Associated Files and Folders
File names are randomly generated.

C:\WINDOWS\system32\8ymnibx6.exe
C:\Documents and Settings\malwarehelp.org\Local Settings\Temp\8ymnibx6.exe
C:\Documents and Settings\malwarehelp.org\Local Settings\Temporary Internet Files\Content.IE5\4SOEDFRR\setup.exe

It also drops a number of randomly named .exe, .dll and other system files in the Windows directory.

Fake Windows Security Center Associated Registry Values and Keys
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\8ymnibx6.exe

Fake Windows Security Center Associated Domains
This scareware was observed accessing the following domains during installation and operation:

demoscan4free com
noliporedtre com
www.quickhealcleaner com
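
Because the file names are randomly generated, searching for the literal name 8ymnibx6.exe will not find other installs. The following is an added example, not part of the original article: it triages the text output of `reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run` for autostart entries that look like this rogue. The sample listing is constructed, and the two heuristics (random-looking file name, launch from a Temp or browser-cache folder) are assumptions that can produce false positives.

```python
import ntpath
import re

# Constructed sample of `reg query` output for the HKCU Run key (not real data).
SAMPLE_REG_QUERY = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    8ymnibx6.exe    REG_SZ    C:\WINDOWS\system32\8ymnibx6.exe
    Updater    REG_SZ    "C:\Documents and Settings\user\Local Settings\Temp\k3v9qz1m.exe" /s
    rundll    REG_SZ    C:\WINDOWS\system32\rundll32.exe shell32.dll,Control_RunDLL
"""

# One value line: indented name, registry type, then the command line.
VALUE_LINE = re.compile(r"^\s+(?P<name>.+?)\s+REG_(?:SZ|EXPAND_SZ)\s+(?P<data>.+)$")
# Heuristic (assumption): folders the article lists as drop locations.
STAGING_DIRS = ("\\temp\\", "\\temporary internet files\\")
# Heuristic (assumption): 6-12 lowercase alphanumerics with a digit followed
# by a letter, which matches 8ymnibx6 but not names such as rundll32.
RANDOM_STEM = re.compile(r"^(?=.*\d[a-z])[a-z0-9]{6,12}$")

def target_path(data):
    """Return the executable path of a Run value, without quotes or arguments."""
    data = data.strip()
    if data.startswith('"'):
        return data[1:].split('"', 1)[0]
    m = re.match(r"(.+?\.(?:exe|dll|scr|bat|cmd))(?:\s|$)", data, re.IGNORECASE)
    return m.group(1) if m else data

def triage_run_key(reg_query_output):
    """Return (value name, path, reasons) for each suspicious autostart entry."""
    findings = []
    for line in reg_query_output.splitlines():
        m = VALUE_LINE.match(line)
        if not m:
            continue  # key header or blank line
        path = target_path(m.group("data"))
        stem = ntpath.splitext(ntpath.basename(path))[0].lower()
        reasons = []
        if RANDOM_STEM.match(stem):
            reasons.append("random-looking file name")
        if any(d in path.lower() for d in STAGING_DIRS):
            reasons.append("runs from a temp/cache directory")
        if reasons:
            findings.append((m.group("name"), path, reasons))
    return findings

if __name__ == "__main__":
    for name, path, reasons in triage_run_key(SAMPLE_REG_QUERY):
        print(f"{name}: {path} ({'; '.join(reasons)})")
```

Flagged entries are candidates for review, not confirmed infections; check the file on disk before deleting the Run value.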

Method 2: (Automatic)

The free version of MalwareBytes appears to remove this rogue security software.

1. Use an alternate browser like Firefox or Chrome to download and install MalwareBytes' Anti-Malware from the above link.
2. Also download CCleaner.
3. Boot into Windows Safe Mode.
4. Click to scan with your MalwareBytes software. Check mark all instances of the rogue security software and delete them.
5. Turn System Restore off and on.
6. Install, scan and clean the temporary files with CCleaner.

You should now be clean of this rogue.

 


© 2013 123seminarsonly.com All Rights Reserved.