Ask-A-Techie, Where you can have all of your questions answered.

Ask-A-Techie: Virus Alert

Posted by Serges LaRiviere on Sat, Jan 28, 2012

Hi Techie,

My computer started doing some strange things in the past few days and I think I have a virus.  I was online and an error message came up saying I had a virus infection, so I clicked the button and it started to scan my computer.  It says I have over 9000 viruses on my computer.  How did this happen?   I have an antivirus program, isn’t that supposed to stop the viruses?  The program that detected the viruses isn’t even my normal anti-virus, I don’t know how it got there, but at least it was able to detect those viruses.  It wants me to enter a credit card number to pay for a full version of the software.  Only then will it remove all the viruses.  What should I do?

Panicked and Infected

Panicked,

First of all, do NOT give this program your credit card information or any other identifiable info.  You are right about one thing, you do have a virus infection, although it isn’t what you think.  The actual virus is the program that is telling you about your excessive infection amounts.  These programs, known as FakeAV’s, or rogue malware, are made to look and feel like a normal antivirus program, with the goal of getting your credit card info.  Some estimates show that you are one of 500,000 people a day who are infected by this type of virus.

The reason that fake antivirus viruses are so rampant is because it DOES look legitimate.  A lot of times, you will be surfing websites that you normally go to without problems.  The virus is designed to pop up and alert you that the site you’re visiting has a problem.  Most people click this popup without really thinking about it, because it looks like a real antivirus program.  Most people will click the notice out of habit, as it looks official.

A good anti-virus is an important step to keeping your computer secure, but no anti-virus can protect your computer from the user pressing “Yes”.  Once you click the virus’s box, it begins to do it’s work,bypassing, then disabling the anti-virus.  In many cases it will block and program other than your internet browser saying each program is infected.

Of course once you click the fake antivirus popup, it will begin to do its dirty work.  You’ve essentially given it permission to override your real antivirus, and by then it’s too late.  It really isn’t your antivirus program that’s the problem.  It’s just that this virus is super sneaky, and it knows how to trick you into installing it.

Unfortunately, how well the programs are designed to work extends to how hard they are to remove.  Each version of the FakeAV family has a different series of steps to take to remove, so it is hard to list any one cure for all viruses.  Each day there are many more variants of the FakeAV family, so keeping up with the viruses is a difficult task.  Some anti-virus programs have built in recovery modes which can help, sometimes it just makes more sense to wipe the system and start fresh.  As long as you regularly back up your personal data, this can be a simple do-it-yourself option.  Otherwise a trip to your local computer shop might be the best step.

So do you need a better antivirus program to make sure that you don’t get infected with the fake antivirus software again in the future?  Not necessarily.  Just make sure that once you’ve removed the fake antivirus program that you update all of your programs.  And now that you know what the rogue virus looks like (and hopefully how to get rid of it if you do get it again!) you shouldn’t have any more problems.

Thanks for the question!

The Techie

Tags: Virus removal, Viruses, Scams, PC Fix, Fake Antivirus, Ask-a-techie, PC tips, Security