Windows Secure Workshop is a fake antivirus that impersonates name of legitimate anti-malware tool. It has no relationship with Microsoft. With the same GUI like Windows Safety Series, it is also a scam created to cheat users. This virus can create a startup registry entry to enable its automatic execution at every time when Windows boots. Once a user accepts this rogue software and allows it to enter the system it will cause all types of havoc in your system.
At the first beginning, it displays lots of misleading popup alert messages and fake system scan results to scare users and push them to buying its useless software. This tricky virus always protects itself from detection by blocking all important security related programs, making the removal rather difficult. It bombards annoying pops up to compromise your screen, also can download additional files onto the compromised computer, misleading you thinking PC is seriously infected. The purpose of all this is to make the user purchase the complete version of the application, which actually does not exist. Users should not trust this virus or pay for this crap since once the payment is made, the user will get a firsthand experience of how this software does not do anything to get rid of the threats. This rogue program causes irrevocable damage to your system. Thus, it must be removed as soon as possible once upon detection.
Windows Secure Workshop displays various fake security messages. These falsely generated notifications should be disregarded and never be acted upon. Instead, you must take action to remove it as soon as possible.
1. Reboot your computer to safe mode with networking. As your computer restarts but before Windows launches, tap “F8” key constantly.
2. Show hidden files and folders.
Open Folder Options by clicking the Start button, clicking Control Panel, clicking Appearance and Personalization, and then clicking Folder Options.
Click the View tab.
Under Advanced settings, click Show hidden files and folders, uncheck Hide protected operating system files (Recommended) and then click OK.
3. Open Registry entries. Find out the malicious files and entries and then delete all.
Attention: Always be sure to back up your PC before making any changes.
a. Press the “Start” button and then choose the option “Run”. In the “Open” field, type “regedit” and click the “OK” button.
b. All malicious files and registry entries that should be deleted:
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Internet Settings “WarnOnHTTPSToHTTPRedirect” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegedit” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableRegistryTools” = 0
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System “DisableTaskMgr” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorAdmin” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “ConsentPromptBehaviorUser” = 0
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\system “EnableLUA” = 0
Bear in mind Windows Secure Workshop is only designed to pretend as a fake optimization program. It was released to gain the income for scammers by tricking people into paying for so called ‘registered version’. Don’t fall into this trap! This malware may replace background with huge warning about infections, and even stop your PC from executing all programs. It won’t eliminate any threats but only infect your machine further with more cyber intruders. Ransomware like Canadian Police Cybercrime virus can also find a way to attack the infected computer. The malicious activity of this rogue program should be ignored and eliminated as quickly as possible so as to secure the stability and normal operation of an infected PC.
Published by & last updated on May 28, 2013 11:26 am