Fake Antivirus Software

Have you ever installed an antivirus program thinking it was legitimate, only to find out later that it was a fake application? If this has happened to you, chances are you installed a Trojan horse virus. This often happens when you visit a website that is infected with malware and are prompted with a pop-up message stating that your PC is infected. The pop-up window will include antivirus icons and will highlight a fake list of malware that has supposedly been detected on your machine. The fake antivirus window may even mimic the Windows Security Center. Consequently, you’re enticed to click on the scan button in order to quickly remove the infection. However, if you do, you will inadvertently install the Trojan horse virus. Furthermore, the Trojan horse virus may inform you that you have to pay to register the fake application in order to remove the false malware threats.


What is Winwebsec?

 

A variety of these fake antivirus applications exist. One of the most common Trojan horse viruses that fall under this category is called Winwebsec. Winwebsec has been distributed under several different names, which include:
  • Disk Antivirus Professional
  • Live Security Platinum
  • MS Removal Tool
  • Security Shield
  • System Security
  • Win 8 Security System
Please be aware that all of the above are fraudulent antivirus applications and you should avoid clicking and installing them.


Payload

 

When the fraudulent antivirus application is installed and executed, it performs a fake scan of your computer and reports falsely infected files. In addition, Winwebsec prevents you from launching your applications by displaying a message stating that the process is infected. It specifically targets and disables processes related to Windows Update, Windows Security Center, and antivirus software products. However, Winwebsec is sophisticated enough to allow Internet connectivity processes, which enables it to communicate with other infected hosts, download additional malware, contact the remote attacker, etc.


How to Protect Yourself from Winwebsec

 

Most users become infected with a Winwebsec variant by visiting an infected website. If you suddenly see an antivirus display box with a list of infected files after visiting a webpage, do not install, click on “scan”, or click on “remove all” if you are not 100% positive that the display is from your official antivirus program. Instead, access Windows Task Manager to view the running processes, applications, and services. Once in Windows Task Manager, I recommend closing your Internet browser application as well as anything associated with the suspicious antivirus program. Then, launch your antivirus application, install the latest virus definitions, and run a full-system scan of your PC to ensure that you did not become infected with the Winwebsec Trojan horse virus. In addition, you can take the following steps to prevent infection on your computer:
  • Install the latest system updates -- Ensure you have the latest updates installed on your computer. System updates help protect your computer from malware. Use Automatic Updates in Windows to automatically download and install Microsoft security updates for your computer.
  • Use an antivirus software application -- Once you install antivirus software on your PC, you must update the application with the latest signature files. Configure your antivirus software to routinely check for updates and schedule your application to scan your machine on a regular basis.
  • Enable your firewall -- Firewalls monitor the network and are capable of blocking suspicious traffic. You can enable the Microsoft Windows Internet Connection Firewall for your computer.
  • Open email attachments with care -- Use extreme caution when handling emails and attachments you receive from unknown sources.
By following these steps, you significantly decrease your chances of becoming infected with Winwebsec. In addition, these steps will also protect you from other high-risk malware threats.
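
The following read-only PowerShell check is an added example, not part of the original post. It looks for the symptoms described in the Payload section (Windows Update, Security Center, antivirus, and firewall protections switched off) and compares the antivirus products registered with Windows against the fake names listed above. It assumes a client edition of Windows 8 or later; the service names `wuauserv` and `wscsvc` and the `root/SecurityCenter2` WMI namespace are standard Windows identifiers that the article itself does not mention.

```powershell
# Added example: read-only health check, changes nothing on the system.
# Names the article lists for Winwebsec variants (exact-match comparison).
$fakeNames = @(
    'Disk Antivirus Professional', 'Live Security Platinum', 'MS Removal Tool',
    'Security Shield', 'System Security', 'Win 8 Security System'
)
$findings = @()

# Windows Update (wuauserv) must not be disabled; Security Center (wscsvc) should be running.
foreach ($name in 'wuauserv', 'wscsvc') {
    $svc = Get-CimInstance -ClassName Win32_Service -Filter "Name='$name'"
    if (-not $svc) {
        $findings += "Service $name is missing"
    } elseif ($svc.StartMode -eq 'Disabled') {
        $findings += "Service $name ($($svc.DisplayName)) is disabled"
    } elseif ($name -eq 'wscsvc' -and $svc.State -ne 'Running') {
        $findings += "Security Center service is not running (state: $($svc.State))"
    }
}

# Every firewall profile (Domain, Private, Public) should be enabled.
foreach ($fwProfile in Get-NetFirewallProfile) {
    if ($fwProfile.Enabled -eq 'False') {
        $findings += "Firewall profile '$($fwProfile.Name)' is turned off"
    }
}

# Antivirus products registered with Windows Security Center.
$av = @(Get-CimInstance -Namespace root/SecurityCenter2 -ClassName AntiVirusProduct `
        -ErrorAction SilentlyContinue)
if ($av.Count -eq 0) {
    $findings += 'No antivirus product is registered with Security Center'
}
foreach ($product in $av) {
    if ($fakeNames -contains $product.displayName) {
        $findings += "Registered antivirus '$($product.displayName)' matches a known fake name"
    }
}

if ($findings.Count -eq 0) {
    Write-Output 'No findings: update, Security Center, firewall and antivirus look intact.'
} else {
    $findings | ForEach-Object { Write-Output "FINDING: $_" }
}
```

A finding here is a prompt to run a full scan with your real antivirus product, not proof of infection; a clean result likewise does not rule one out.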
