Internet Windows Proclaims Virus Infection!

Alarm windows are popping up and threatening voices proclaim you have viruses, do not touch your machine! Call this number! Click this link!

IMMEDIATELY PAUSE BUT DON’T PANIC

Bad players are taking the legitimate functionality of your browser (Chrome, Firefox, Edge, or Safari), redirecting pages, adding popup windows, and sometimes changing your browser configuration. Yuk! They are laying down small files that take over your browser.   

You most likely do NOT have other malware downloaded on your machine unless you have clicked on a link, executed a download, or allowed the con artist behind that phone number onto your machine. This type of malware cannot steal your files or damage your computer unless you start clicking on links or responding to their requests.

Your browser can be infected in other ways: webpages load slowly with constant pop-up ads, and your “default search engine” can be substituted.

WHAT TO DO

Step 1: Close the browser.

Often you can just shut down your browser as you normally do.

Sometimes, the malware will freeze your browser. In this case, you need to force close the browser.

  • WINDOWS:  Open Task Manager and in the Processes window, find your browser icon, right-click, and “End Task.” How to Open Task Manager
  • MacOS:  Force Quit the browser from the taskbar or the Apple menu at the top:  How to Force Quit

Do not turn off the machine with the power button – this is NOT GOOD for the operating system.

You can reopen your browser. Unless you have it set to reopen all the pages that were open when it closed, you will not see that page again unless you click the same link that took you to the unwanted page, and bingo, repeat performance.

Step 2: Remove history from your browser.

To avoid repeating this accidentally, you will want to clear what your browser calls “cache, history, and cookies.”  These are links and small text files saved on your browser to store information you might want or trackers you might not value.  It’s a great thing to know how to do!

All browsers have settings that have a Security and Privacy section where this can be accomplished. Firefox:  Click Here. Chrome:  Short Video. Edge:  Click Here.

  • I would recommend you delete cache and history to avoid ending up back on that nasty link, but this might be a good time to also delete cookies in case the page laid one that follows you.
  • If you delete cookie files, you may find yourself having to log back into your browser-driven accounts, so be sure you know your passwords!

Step 3: Remove browser malware.

WINDOWS:  The easiest way is to simply download a respected and safe utility called AdwCleaner.  It will download and install quickly and you can leave it on your machine for future use.  It looks for files called “PUPs” (Potentially Unwanted Programs) and a few other items of perhaps dubious nature.  Download AdwCleaner by Malwarebytes (which can remain on your machine). MACOS: Get AdwCleaner from the MacOS store.

Other antivirus programs can do this, particularly the free Malwarebytes, but you will have to download a product that does multiple functions for safety; if free, they will advertise for upgrades.  You do not want to have two antiviruses working at the same time, so check that your system has only one active.  You may need professional help.  If you download one to use temporarily, be sure to uninstall it afterwards.

If you find you have more than one or two PUPs – well, evaluate how you are using the Internet.  Be more careful about what you click.   

Step 4: Scan your machine with antivirus.

If you have installed a third-party antivirus app, find that utility and run a full scan.

Windows and Apple come with virus protection software that gets mixed reviews. WINDOWS DEFENDER:  How to scan your machine. MACOS XPROTECT:  I haven’t found a way to scan.  It is supposed to work automatically as you use your computer.

Step 5: Check your browser “extensions.”

You may have little utilities added to your browser search bar that add functionality – some of which may not be safe.  Follow the directions below to locate these extensions and remove anything you don’t recognize or use. Learn More:  Click Here.
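For readers comfortable running a script, the same check can be done from the files on disk. This is an added example, not part of the original article: it assumes a Chromium-style profile where each extension lives in `Extensions/<id>/<version>/manifest.json` (for Chrome, typically `%LOCALAPPDATA%\Google\Chrome\User Data\Default\Extensions` on Windows and `~/Library/Application Support/Google/Chrome/Default/Extensions` on macOS), and it lists each extension with any access broad enough to redirect pages or open popups. The two sample extensions it builds are constructed for the demonstration.

```python
import json, tempfile
from pathlib import Path

BROAD_HOSTS = {"<all_urls>", "*://*/*", "http://*/*", "https://*/*"}  # access to every page you visit
# Permissions typically needed to redirect pages, open tabs or alter settings.
SENSITIVE = {"tabs", "webRequest", "webNavigation", "proxy", "management", "history"}

def display_name(ext_dir, manifest):
    """Resolve a localized "__MSG_key__" name via _locales; else return it raw."""
    name = manifest.get("name", "")
    if not (name.startswith("__MSG_") and name.endswith("__")):
        return name
    path = ext_dir / "_locales" / manifest.get("default_locale", "en") / "messages.json"
    try:
        messages = json.loads(path.read_text(encoding="utf-8-sig"))
    except (OSError, ValueError):
        return name
    wanted = name[6:-2].lower()  # message keys are matched case-insensitively
    return next((v.get("message", name) for k, v in messages.items() if k.lower() == wanted), name)

def audit_extensions(extensions_root):
    """One record per <id>/<version>/manifest.json under a profile's Extensions folder."""
    records = []
    for mpath in sorted(Path(extensions_root).glob("*/*/manifest.json")):
        try:
            m = json.loads(mpath.read_text(encoding="utf-8-sig"))
        except (OSError, ValueError):
            continue  # unreadable manifest: skip instead of aborting the audit
        perms = {p for p in m.get("permissions", []) if isinstance(p, str)}
        hosts = perms | set(m.get("host_permissions", []))
        hosts |= {p for s in m.get("content_scripts", []) for p in s.get("matches", [])}
        records.append({"id": mpath.parent.parent.name, "name": display_name(mpath.parent, m),
                        "version": m.get("version", "?"), "broad_hosts": sorted(hosts & BROAD_HOSTS),
                        "sensitive": sorted(perms & SENSITIVE)})
    return records

def build_sample(root):  # constructed sample data: two made-up extensions, not real products
    a, b = Path(root) / ("a" * 32) / "1.0_0", Path(root) / ("b" * 32) / "2.1_0"
    (a / "_locales" / "en").mkdir(parents=True)
    b.mkdir(parents=True)
    (a / "manifest.json").write_text(json.dumps({"name": "__MSG_appName__", "version": "1.0",
        "default_locale": "en", "permissions": ["tabs", "<all_urls>"]}))
    (a / "_locales" / "en" / "messages.json").write_text(json.dumps({"appname": {"message": "Free Coupon Finder"}}))
    (b / "manifest.json").write_text(json.dumps({"name": "Dark Mode", "version": "2.1", "permissions": ["storage"]}))
    return root

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        print(*audit_extensions(build_sample(tmp)), sep="\n")
```

To check your own browser, call `audit_extensions()` with the path to your profile's Extensions folder; an extension you don't recognize that shows entries under `broad_hosts` or `sensitive` is the first one to remove.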

Step 6: Restart your computer.

Restart your machine (or you can shut it down and then turn back on).  This will help clean up after any of the work done above.

HINT: If you have been shutting down with the power button, stop doing this.  If you are leaving your machine on constantly, you should “reboot” once a week by following these restart instructions.  This will reset your operating system functions as well as do some other desirable work. WINDOWS:  Click Here. MACOS:  Click Here

Step 7: Review your installed apps.

This is an article in and of itself, but if you know how to find your applications on Windows or MacOS, you can review what is installed.  If you don’t know if an app is legitimate, you can “google” the name and see what others say.  Many come with your machine, are useful or do no harm (or cannot be uninstalled).  If it is malicious and won’t uninstall, call a professional. Here is some info on how to locate and remove installed apps: WINDOWS:  Click Here.  MACOS:  Click Here

(Beware, Macs are notorious for leaving app remnants behind, so a third-party app is worthwhile here.  Most, however, are $30 to $50 and sometimes a subscription; these may do more than you need or want.  Here is a list of reviewed 3rd party apps:  Click Here.  I use Advanced Uninstall Manager for about $5 one-time which has worked well.)

Step 8: Other possible protective measures.

The following are more advanced maintenance. Steps 1 through 7 may suffice.

  • Check your system utilities to see if an app has been recently modified.
  • Check your Startup Apps in Task Manager and disable any you don’t need to open upon starting your PC.
  • Check your browser default search engine (Google Search, Bing, Duck Duck Go, Yahoo, etc.), and if it is changing from what you want, you may have an app installed that keeps changing your setting. (McAfee, though a legitimate antivirus, smuggles in an app that does this; uninstall WebAdvisor – terrible). Learn More:

Step 9: Prevention

  • Learn how to inspect a link before clicking!
  • Do not download software unless you have searched for reviews and found a couple that validate its legitimacy and effectiveness.  As you are installing, review before you click “next.”  Always choose a “custom installation” when offered to see if it is adding other software you don’t want!
  • Learn to use a Private Browsing Window when surfing.  This erases your history when you close the window.  Learn More.  This has the added benefit of reducing personal information collection by cookies.
  • Keep your Operating System and apps up-to-date!  This often means you need to “reboot” as described above to complete the update.
  • Protect your passwords. The safest way is a third-party password minder, but at the minimum, hide a written list, do not carry it in your wallet, and use unique, difficult passwords for each login.  Make sure your computers and phones have login passwords. Reusing passwords is one of the most common ways to be breached.
  • Back up your data through an external drive and/or a cloud storage solution like OneDrive, iCloud, Google Drive or professional backup like iDrive. If you accidentally let in a bad player (or your hard drive fails unexpectedly), you can spend $1000 recovering your data without a backup.

Step 10: What to do if you believe your computer has been compromised

If you allowed someone remote access or clicked a link that you think allowed malware to be installed on your machine (as opposed to just existing in your browser), seek professional help. (If you responded by phone and did not do as they instructed, probably no harm has been done to your PC, they just now have your phone number.)

  • Disconnect from the Internet the moment you realize your mistake.
  • If you clicked and downloaded something, you may want to contact a professional or reset your machine, first backing up carefully and scanning the backup.
  • If you allowed them in remotely:
    • Reset your PC with a complete wipe, first performing a data backup.
    • If you allowed remote machine access and/or gave personal information, you most certainly should take steps to protect against data theft, as they may have been able to find information on your machine in files, email, etc., such as your driver’s license, social security number, and financial information.
    • You will need to work with outside agencies.  IMPLEMENT THESE RECOMMENDED STEPS:  Click Here.
  • You may not need a 3rd party identity monitoring service, as the horse is already out of the gate, but they can be helpful, reassuring and provide future protection.

BE SAFE OUT THERE!

image sources

  • hijacker: CoPilot created virus alert