Results 1 to 9 of 9
  1. #1
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    116
    Thanks
    17
    Thanked 0 Times in 0 Posts

    "Windows Security Alert" malware

    Hi,
    My friends keep getting "Windows Security Alert" popups on their computer. The first time it happened, they clicked into the fake alert and went until it asked for their credit card number.

    After I visited them twice, and ran Malwarebytes, SuperAntiSpyware, and Malicious Software removal tool, I thought that we had found everything. However, it's back. I instructed them to use Control/Alt/Delete to open task manager and shut down the browser, and that seems to work, but it comes back.

    They use AOL desktop as their browser, and have CenturyLink's security protection on their dsl connection. I am not familiar with AOL.

    I've found a few things I can do. They may have an old unpatched version of IE on their system, so I will bring that up to date and disable any browser helpers. Also, I will run SmitFraud Fix on it. Another suggestion I've found is to check out MSConfig startup programs as well as Add/Remove programs for possible problematic items. Last suggestion that I found was to remove Windows Messenger, which could be supplying the malware repeatedly.

    Since I need to travel quite a distance to visit them again on Thursday, I was wondering if anyone familiar with AOL users might have further suggestions I can try. Their AOL version, I believe, is 9.6, so should be current. Malwarebytes should have taken care of it, I believe, so there's some other underlying problem.

    Thanks so much for any ideas. Judy

  2. #2
    5 Star Lounger chowur's Avatar
    Join Date
    Mar 2010
    Location
    Indiana
    Posts
    804
    Thanks
    0
    Thanked 54 Times in 51 Posts
    The latest version of AOL is 10.1.The best Uninstaller I have to date is,Revo here's the link;http://download.cnet.com/Revo-Uninstaller/3000-2096_4-10687648.html?tag=rb_content;contentMain
    God only knows,WHY any one is would want to use AOL still?Even for dial up their is better internet service providers.Oh well each to their own.
    BTW,the program above is FREE!
    Problems cannot be solved by the same level of thinking that created them. -Albert Einsten

  3. #3
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    116
    Thanks
    17
    Thanked 0 Times in 0 Posts
    [God only knows,WHY any one is would want to use AOL still?Even for dial up their is better internet service providers.Oh well each to their own.
    BTW,the program above is FREE![/QUOTE]

    Hi, chowur.
    Guess that's not my call. Their daughter set them up with it. It's all they've ever known, and they don't get very creative with their computer. Guess it's sufficient. My hope is just to find out why the usual anti-malware software isn't working. I want to at least nurse them along until their son-in-law comes for a visit in May. He's an IT guy! Judy

  4. #4
    Plutonium Lounger Medico's Avatar
    Join Date
    Dec 2009
    Location
    USA
    Posts
    12,631
    Thanks
    161
    Thanked 936 Times in 856 Posts
    Unfortunately AV/AM apps will not protect against the biggest offender that allows nasties on our systems. . . . . US! These unexpected pop ups are not in and of themselves malware, the malware is loaded when we click on them, anywhere on them. They are malicious pop ups and malicious web sites, but only exhibit the malware actions when we initiate them, and thus we ourselves trick our AV/AM apps because we cause the action by clicking.
    BACKUP...BACKUP...BACKUP
    Have a Great Day! Ted


    Sony Vaio Laptop, 2.53 GHz Duo Core Intel CPU, 8 GB RAM, 320 GB HD
    Win 8 Pro (64 Bit), IE 10 (64 Bit)


    Complete PC Specs: By Speccy

  5. #5
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Calif
    Posts
    182
    Thanks
    0
    Thanked 14 Times in 13 Posts

    Lightbulb "Rogue" Programs

    Hi Judy : Sounds like your friend has what the malware-fighting community calls a "rogue" ( "fake" ) program !? They come in different "flavors" that require different Steps be done PRIOR to running Malwarebytes Anti-Malware. The usual preliminary step is to run a program such as rkill.com or exeHelper or antiexehijack . I could find no CURRENT "Uninstall Guide" for "Windows Security Alert" and assume it has mutated from its 2007 and/or 2009 "Version" . There are excellent examples of "Uninstall Guides" in the "Malware Removal Guides and Self Help Guides" section of the Malwarebytes Support Forums located at http://forums.malwarebytes.org . If you are interested in the SPECIFIC website location of exeHelper or antiexehijack, let me know and I will provide it .
    For the BEST in what counts in Life :

    http://www.ctftoronto.com

  6. #6
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    116
    Thanks
    17
    Thanked 0 Times in 0 Posts
    Thanks, tedshemyers and SpiritWind.
    Rkill, I've heard of that. Will do some more research on it. Thanks for the link. Sure would be nice to lick those 'flavors' for good.

    Yes, he did cause the whole thing by clicking. He even did it once after I explained not to click. Reflex action or whatever, I don't know. I have a feeling I should fill up the gas tank and be ready for more house calls. Thanks. Judy

  7. #7
    Super Moderator jwitalka's Avatar
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    6,792
    Thanks
    117
    Thanked 798 Times in 719 Posts
    Detailed removal instructions can be found here .

    Jerry

  8. #8
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Calif
    Posts
    182
    Thanks
    0
    Thanked 14 Times in 13 Posts

    Lightbulb

    Hi Judy : I seriously doubt the "Windows Security Alert" Rogue is the same as the "Microsoft Security Essentials Alert" Rogue !? However, the link jwitalka provided shows the RKill download link and its Instructions #3 and 4 are part of the usual preliminary steps needed when combatting a "Rogue" .
    For the BEST in what counts in Life :

    http://www.ctftoronto.com

  9. #9
    2 Star Lounger
    Join Date
    Dec 2009
    Location
    Minnesota
    Posts
    116
    Thanks
    17
    Thanked 0 Times in 0 Posts
    Hi, jwitalka and SpiritWind.
    I have done as suggested already. Rkill and MBAM. Plus anti-spyware. Plus Malicious Software Removal tool. I had those on disk so didn't have to download them on the infected computer. Yes, Windows Security Alert is different from the Microsoft Security Essentials Alert, but this one seems more determined. I thought things were going well yesterday, but apparently not. Got another call last night. A followup full scan started just before I went home brought up 200+ more items.

    My final attempt is going to be doing a system restore to a few days before he originally clicked into the rogue. If all else fails........ Anyway, it can't hurt and might help tide them over until their IT son-in-law comes to visit in May.

    Thanks to all for the helpful ideas. Judy

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •