Fake Antivirus programs are becoming a very serious issue. Trend Micro reports that they are “… August’s top malware…” and this has continued for the first two weeks of September (Link omitted intentionally, see “Rogue AV Theatrics on Extended Run” at blog.trendmicro.com by Macky Cruz). These programs are after you, they want to take your money and your identity. They simply use your computer to ask for your personal information and your credit card data.
Please beware of false Antivirus messages that could pop onto your screen. These pop ups look like real warnings at first; look closely at the warning message. Here is how you can try to protect yourself.
Look at the message. Does the message come from the antivirus program you are using? If not do not left click on the message! Try to right click on the message and select close. If the right click does not offer a close option (or does nothing) try to find the message’s program on the task bar. Right click it’s icon on the task bar and choose close if possible. If you cannot close it out it is better to log off of Windows than it is to click the message. Reboot the PC if you must. Clicking on the message (anywhere on the message) allows the fake antivirus to download more nasty things onto your computer.
If it is too late, the message has been clicked, the computer will start constantly trying to get you to buy the antivirus program to clean your PC. DO NOT BUY THEIR PRODUCT! DO NOT GIVE THEM YOUR NAME OR EMAIL ADDRESS. Your computer is now infected. The wallpaper and screensaver may have been changed. Your normal antivirus is likely disabled (I have seen both Trend Micro and Symantec antivirus programs totally disabled). Your infected PC should be restarted into safe mode and scanned with an up to date, real antivirus program. If you are not familiar with this process get assistance from a qualified system administrator.
Many people associate contact with computer Virus’s with carelessly reading email / spam or viewing “shady” web sites. Sadly this is just not true. Reading the New York Times web site could have lead to an infection (in September 2009 the site had an advertisement that linked to a rouge antivirus site). Earlier this year my AV program flagged the advertisement on one of the main search engine sites as infected!
Some names of rouge / fraudulent antivirus programs are WinAntispyware 2008, Antivirus XP 2008 and Antivirus 2009. These may be detected by your antivirus software as “FAKEAV” but they change constantly so that real antivirus programs cannot recognize them.
Keep you AV current and do not bow to pressure from unsolicited sales pitches