Extortionware? What is extortionware.
I have seen at least 10 computers in the past two weeks that have recently been infected with extortionware – viruses and spyware that infect your system by pretending to be an antivirus or other security program.
With names like Windows Antivirus, WinAntivirus, XP Antivirus 20008, etc. these programs appear to look and feel official. However, they are some of the worst virus or virus-like programs I have ever dealt with.
These viruses often come onto a computer via a pop-up advertisement that says looks like a Windows security or antivirus warning that reads something like, “Your computer is infected with one or more viruses and spyware programs. Click here to run a full scan.”
Up until you click on the button, your computer is likely 100 percent virus and spyware free. However, after clicking on the scan button your computer will be infected with dozens of viruses and spyware programs.
These programs scan your computer and appear to be looking for bad guys. When the scan finishes it shows a long list of discovered programs and informs you that to remove them you must pay $50 or so to remove the viruses.
This is why it is called extortionware. These programs infect your computer then expect you to pay to have the software removed. You should know though that even after paying the money, your computer will still be infected.
Removing these programs can be extremely difficult and time consuming. I have four infected computers sitting in my office right now awaiting a reformat due to these problems.
Removing the infection can be easy with the right tools, but so much damage is done to system files that often, a reformat is the quickest option for full repair.
Most of the infected systems have had full antivirus protection, the problem with these viruses is that they install like programs so antiviruses don’t often catch them during the install. Once they have been installed, the first thing they do is shut off the antivirus making them more difficult to remove.
Be careful. Unless the warning includes the name of your antivirus, you are best to just click on the X in the upper corner. Do not click on the CANCEL or CLOSE button if one is provided as these are often false links.
Related articles:
- Stick with HelpMeRick’s trusted security software
- Recent spyware surge
- Using Adaware to purge your PC of spyware
- Run spyware and anti-virus scans in safe mode
- Bad tech support: When in doubt, blame a virus
Tags: antivirus, money, Office, remove, Security, spyware, virus, Windows
Loading ...
HelpMeRick.com started as a monthly tip site for beginners in 1996, and now supports our popular call-in computer show, and hosts thousands of useful computer tips and links.
I just got this i clicked “X” and it took me there anyway i exited out as fast as i could! infected?
Possible…I would empty all your temp files and run a complete anti-spyware and anti-virus scan to be sure.
If I back up my data & reformat the hard drive on an infected computor how likly is it that I will reinstall the virus when I restore the backed up data
IF you backup only your data files (My Documents and desktop files), then you will likely be fine. Just be sure to put all your security software on the new install BEFORE transferring your data back.