I have XP Professional with SP3. Iâm certain youâve answered this somewhere,
but I donât know where. All of a sudden, a message appears on my screen from out
of nowhere, telling me that my system is not clean and needs cleaning. If this
were in an email, itâd be no problem to block or delete, but Iâm absolutely puzzled by
just how out of nowhere this message appears on my desktop. Of course, I can
cancel it, but how does it get there? Is it related to Skype?
In this excerpt from
Answercast #31, I look at a computer that suddenly has a pop-up which seems
to be warning the user of an infection. This is a good time for some protection
and a good cleaning.
]]>
Sudden message
I donât believe itâs related to Skype.
There are two paths that I want to investigate here.
- One is: If youâre in your web browser, what you may be seeing is nothing more than a pop-up window from the website that youâre visiting.
So, definitely pay attention to whether or not what youâre seeing is in a web browser or if it is happening as the result of something youâre doing in your web browser.
- The scarier answer is that youâve already got malware⊠and that malware is basically a little foot in the door thatâs trying to scare you into buying a specific product to fix a problem thatâs not really there.
Itâs a very common technique. Some of the worst malware infections weâve seen in recent times have in fact been because this software is so convincing. It looks so real.
Itâs a trick
The error message seems legitimate. What happens, though, is you end up downloading the recommended solution to this particular problem. My guess is what youâre seeing says, âClick here to purchase this product,â or âDownload a product that will clear up this problem that weâre telling you you have.â
Chances are when you download that product and install it, that then will install â not necessarily a cleaning product â but a truckload of malware. Itâs some bad stuff that will probably infect your system even worse.
Do not respond
My recommendation in a situation like this is never, ever download what is recommended in an unexpected pop-up window. Never.
-
Instead, use your own tools.
-
Update your own malware tools, your own anti-spyware, and your anti-virus tools.
-
Run up-to-date scans immediately.
Clean your machine
Consider running an up-to-date scan from the tool out at Malwarebytes.org. Itâs a free tool for individual use. Run that.
If you need to, run Windows Defender offline, which is a CD that you burn and boot from. It will run a Microsoft Security Essentials equivalent from the CD without Windows running.
Then consider running something, maybe, CCleaner, to further clean up your machine.
Feels like malware
Ultimately, this message feels like malware to me and I believe it needs to be treated as malware. That means treating your machine as if itâs already infected and taking the steps necessary to rid it of that malware.
Next from Answercast 31 â How do I stop this disgusting email from being sent to me?
I have seen friends and colleagues fall for this âdirty trickâ on several occations. The Malware is clever enough to generate the message, but not to truly mess everything up â so it needs you to invite it in.
I tend to use Task Manager (if that still works) to close the message, then scan my machine thorougly.
This scenario is further complicated when the messages for some software are poorly written and/or have no identifiers to tell you where the message originated. Always err on the side of caution, I say.
Iâve gotten one that pop-ups with the warning âYour System Is Infected!â or similar. When I clicked the x in the corner to close it this âscanâ started with all sorts of bad stuff showing up. It was pretty darned aggressive. I had to exit my browser to make it stop. I shut down and did a complete malware scan in Safe Mode right after.
to Snert (and anyone else interested)
Anything on a popup can be âprogrammedâ to say âyesâ â even the X (as Leo has stated in some of his very informative articles).
The only way to be sure is to close the popup without touching it, i.e. terminating through Task Manager.
I believe I can answer what is happening here: The âpop-upâ you are getting is a version of the Anti-virus 360 virus that was so common in the past. The pop-up itself is not the virus, but by clicking anywhere on it (all the buttons are programmed the same), even the âxâ to turn it off, will download the virus. Malwarebytes and Emsisoft anti-malware are the only two programs I know of that will delete this pop-up. The virus, once installed, must be removed by a professional as no anti-virus made will get rid of it! If the pop-up shows you a list of viruses or problems, DO NOT try to just delete them as they are actually Windows files your PC needs to work.
What to do: 1. Disconnect from the internet immediately. 2. DO NOT click anywhere on the virus, just reboot your computer letting Windows shut it down. 3. This certainly came from the internet, not an email, so open your browser, but do not let the pages load (the last page you were on when it popped up is where it came from) but go to your home page or anywhere else before it can re-download itself. 4. Install Emsisoft AND Malwarebytes (both are free) and run them before you use your PC again. It is also best to change any important passwords afterward because if it did download the virus, your passwords have already been stolen. Good luck.