Thursday, October 22, 2009

Take a Deep Breath

You are happily surfing the Internet when a large box appears with lots of red in it. It says something like "WARNING! YOUR COMPUTER IS INFECTED!" and it lists 20-odd infections, each with a scary-sounding name. "Clean Now," urges the box, and the next screen will say, "Click REMOVE" to remove threats!" And this frightening box has logos that may look like the ones your own security system uses.

Don't do it. Clicking on that "Remove" button will actually download the virus, and it's a nasty one. I know because I've spent the past nearly 48 hours trying to cure it. The first thing it does is knock out your security programs: Norton or McAfee or Windows Defender or whatever you have. These will be disabled; their icons may not even appear any more. They will be replaced with this fake called "Windows Enterprise Defender." It will also whack your Google account, so you will no longer have access to Google. For me, that meant I couldn't sign in to my blog or leave any comments on yours or see the maps I've created in Google Maps. And every few seconds, the bug will interrupt whatever you are trying to do, urging you again to "Remove" the fake threats.

So next time (and every time) an alarming "WARNING" box pops up from nowhere and says a scan of your computer has revealed several critical threats, stop and take a deep breath. Ask yourself, "Have I been scanning my computer? Did I schedule a scan for this inconvenient time?" And then do nothing at all with the box. Even if it looks like it IS your security system, go and open, in the usual way, the one you know is your real one, and use it to scan and remove any viruses you may have (but probably don't).


Anam Cara said...

For me, that meant....

Oh, NO! What did you do to get rid of it? How many hours did you spend repairing the damage?

Chocolatesa said...

Yes I nearly got taken by that one too, and sent screenshots to my family so they wouldn't.

Anastasia Theodoridis said...

Bravo, Chocolatesa! You kept your head.

Anam, I spent hours trying to fix it myself. Managed to find and remove it, but not the damage it had already done. For that, I spent another couple of hours on the telephone with Comcast and then with McAfee. Had to reinstall all the security programs and then use them to do a full (hour-long) scan to be sure everything was okay.