I recently had a laptop from a customer that was infected with several viruses and some malware, one of which was a pop-up that occurred every time she tried to browse to a new page. This sort of pop-up and browser redirection are quite common, I have seen them many times with various adware and malware, I’m sure many of you have had them, you type in a search for a web page, say Walmart for instance, the browser then redirects to a completely different page that usually tries to sell you something. Although annoying these are usually not too dangerous, however, some of them may lead you to a page that has some much more serious, malicious links on them that may download all kinds of viruses, malware, adware, key loggers and more to your computer. Most of these pop-ups can be removed easily enough with a quick scan with a program such as Malwarebytes. If it doesn’t remove the pop-up with a scan, you may need to reboot to safe mode (Usually by continually pressing F8 after powering on the computer), once in safe mode run the scan again, this is usually the most effective way of dealing with these pop-up redirect problems, as many of the regular start up services are stopped, the software is able to do a much more comprehensive scan.
Back to my customers computer, when I opened the browser on this laptop, after a few seconds, sure enough, a pop-up appeared that said ” Your Computer is infected with Malware call this number now XXX XXX XXXX to remove it“, not only was there a pop-up, but there was an audio message stating the same information. I had not heard that before! Thankfully my customer had the sense not to call the number. Unfortunately many people do! Most of the time these numbers will take you to someone that will try and convince you that they are from a reputable company, (usually Microsoft), and they would like to log into your computer to fix the alleged problem. Some people actually fall for it and let these people remote in to their computers. Although it may appear that these people have removed the virus or pop-up or malware or whatever else they claim, in reality they have probably installed some background software that can search for password information, online banking information, or anything else that may be of interest to them, then collect the information and send it back to a server somewhere. Suddenly this pop-up is not so innocent! Before performing the system “clean”, the person is likely to ask for some sort of payment which involves you handing over your credit card details, Again this pop-up has done its’ job well, this guy now has your credit card details as well as access to your computer. What happens next is anybody’s guess, but you know it can’t be good! Anyway as I said before, she didn’t call the number and I was able to remove the issue using the steps mentioned above, so the story had a happier ending.
If you should be unlucky enough to be infected with such an issue and see this pop-up, please DO NOT call the number. Take your computer to your local repair shop, or your neighbor’s 16 year old kid, or anyone that knows how to run an antivirus/malware program, otherwise that pop-up could end up being extremely costly.
The program I used is a free program called Malwarebytes, you can download it from their website or from my free stuff page here. Be sure and check the buttons that say free to get the free version.