We’ve started receiving email messages passing itself off as a warning message from the Windows Security Center.

The subject of the message is Windows Security Center Alert!

The message contains a window informing you that your computer can be a victim of an infection and recommending you to scan your system. Additionally, it contains a link to a program that is supposed to remove these threats from your computer.

The message is like the following:

WindowsSecurityCenter_en

The website to which the link points can be any of the following, among others:

http://sterss<blocked>0mb.com/setup.zip
http://verno
<blocked>0mb.com/setup.zip
http://juliedr
<bloqueado>0mb.com/setup.zip

The file SETUP.ZIP, once decompressed, contains the rogueware detected as Adware/DataProtection. Once installed, it displays different messages depending on the language of the operating system installed in your computer.

It is programmed to display messages in the following languages:

French

Italian

German

Spanish

Norwegian

Polish

Czech

Ukrainian

Russian