Some people may have heard of scareware and may have a basic idea of what it is. Most however will not know exactly what it is and how exactly it works to.
Scareware is a type of malware that pretends to be a real anti-virus program. It appears in a pop-up window on your browser, and is designed to look and feel like a Microsoft program, so as to fool the user into believing it. The pop-up will always show a large number of infections that need to be repaired, and will offer to do so. However, when you press ‘OK’ or any other button that agrees to let the program do its work, it instead installs the main scareware program on your computer.
In fact, even pressing the red ‘X’, or anywhere else in the window will install it. The only way to prevent it from being installed it to close the browser completely, and start an entirely new session when you reopen it.
Once you have the original scareware program installed on your computer, it will prevent you from doing anything that you normally would in order to fix an infection. If you have an out of date anti-virus program on the computer then the virus will be able to disable it.
The scareware will also perform what is known as browser hijacking. A hijacked browser will often not go to the addresses that the user inputs to the URL bar. The browser instead redirects the user to only pages that the scareware allows them to see. This means that when the user runs a search for how to remove the scareware, or searches for an anti-virus program, all that they are able to see is more malware or other rogue programs designed to look legitimate.
When they download and install something to try and clear the infection, they end up installing more malware. If the scareware demands that the user pay a fee in order to remove the viruses, and the fee is paid, the viruses will remain and the scareware will continue to lock up the system.
A program called MalwareBytes is the best and most certain way to rid your machine of these malware programs. Unfortunately, if you have two or more malware programs on the machine there is a chance that they may be able to prevent you from running MalwareBytes. In this case, the only way to make it run is to stop the malware service running.
You can do this through the control panel or search box, by searching for ‘services’. You then select the local services on your computer, and scroll until you find the suspicious service. Please note that stopping a service can crash your computer, so you need to be careful to stop the right one-leave anything that looks familiar. Once the rogue processes are stopped, MalwareBytes can be successfully installed.
Scareware can be tricky to remove from a computer. It can be done, but ultimately the best offense is a good defense. Installing one of the many paid anti-virus suites such as Norton, or the free ones such as Microsoft Security Essentials and then keeping them up to date is the best way to protect your computer. Beyond this-don’t click links that you can’t trust 100% and never trust a pop-up that tells you that you have a virus!