What is it?
It's malware that emulates genuine Microsoft or
anti-virus alerts. It usually arrives in the form
of a pop-up warning or a scanner that tells you
your computer is infected, and then installs itself
onto your system. Once installed, it disables
machine functionality.
This type of malware uses Windows logos and similar
graphics, so it's easy to mistake it for a legitimate
warning.

Anti-virus 2010 has been around for years and
is also known as AntiVirus 2008, AntiVirus 2009,
PC Security, XP Antivirus, and AntiVirus 2010
among other names. Newer versions of this spyware
are sophisticated and often take on a different
form with each infection, so each infection
requires special attention and it is impossible
for just one tool or method to clean it. Once
a machine is infected, the malware is very
difficult to get rid of.

How Do You Get It?
The simple answer is the internet, usually by
browsing to different websites via Google or another
search engine.
When browsing, it's always a good idea to be
wary of clicking on links to sites you are not
familiar with. However, sometimes even legitimate
sites can be affected. A site's advertisements
may be hijacked, or the link to the site itself
can be compromised so that a user may be unwittingly
redirected to a false link and receive the fake
alerts or pop-ups.
Sites that register higher in search rankings
are often popular targets for this sort of attack,
and often there is nothing that the end user did
or can do to prevent this.

How Does It Work?
These fake alerts are coded so that when you click
on them to close (for example, even clicking "Cancel"
or the "x" in the upper right corner
of the screen), the click actually installs additional
malware on your computer. The malware will disrupt
your ability to browse the internet as mentioned
above, and can also install code that corrupts
the local Group Policy on your computer, making
it unable to do certain tasks. It also corrupts
the registry and disables any existing anti-virus
software.

Why doesn't my Anti-Virus catch this program?
Malware has come a long way in terms of sophistication.
Anti-virus and anti-spyware companies are charged
with keeping up with these methods, which is why
it is extremely important to perform regular scans
and keep your definitions up-to-date.
This particular spyware relies on the end user,
and oftentimes the user doesn't realize what
they've done until it's too late. Once this malware
gets installed, it effectively disables any existing
security settings on the computer. Currently there
is not one tool that is 100% effective in preventing
and removing this malware.
This malware can be dangerous for many reasons.
Like many online scams, Antivirus 2010 aims to
collect personal and financial information from
end users. Since these fake alerts appear genuine,
many people mistake them for legitimate alerts
and click on them, or worse yet, enter their credit
card information when asked to do so.

What Should I do if this Happens to Me?
DO NOT click anywhere on it! The best way
to get rid of these fake alerts is through Task
Manager. To do this, right-click on an empty space
somewhere on the task bar, then select the Task
Manager.
The alert will be displayed in the Task Manager
window. Click on the alert so that it is highlighted
and choose "End Task". This should remove
the pop-up from the screen.
It is usually a good idea to run an anti-virus
or anti-spyware scan on your system after receiving
this or other suspicious pop-ups in order to make
sure that your workstation is clean.
If you get a pop-up or alert and you aren't sure
if it is legitimate, the best thing to do is ask,
as it is very easy to mistake a legitimate alert
for spyware and vice versa.

How do I know if I'm Infected?
An infected machine will usually get multiple
pop-ups, sometimes in the form of security alerts
telling you that you've been infected, pretending
to scan your computer, or other advertisements.
Sometimes spyware changes your background or other
visual settings, disables your anti-virus, and
may disable your Internet and network connection.
It also may slow your system down and disrupt
your other programs.
If you think your system has been compromised,
please call us at 877-227-2440.
