View Full Version : Computer virus HELP!



Dave Lehnert
01-13-2011, 10:41 PM
I was looking up photos in Google and clicked on a link. A page came up that looks like a "Computer" screen, with a tab saying "Security Analysis" and "www1.prodjigot (dot) com /index xxxxxxxxx" in the address bar. It says I have a virus and to "Click here" to get rid of the virus. When I do, it downloads a file "softupdate107_2253.exe" from a site savepower4u (dot) net.

When I try to close the page I get an "Are you sure" sort of message.

I am thinking the Security Analysis is just a web page to get me to download the "virus", the softupdate170. How can I be sure? What to do?

I am running AVG right now

Dave Lehnert
01-13-2011, 11:22 PM
UPDATE

I ran AVG and it found a "Potentially dangerous object", a "Corrupted executable file". The file is
c:\windows\sminst\xerces-deepdom_2-7.dll

It won't let me remove it the "standard way"; I have to "force it", and if I try I get all kinds of warnings.

How do I know what this file is before removing it?

Greg Peterson
01-13-2011, 11:45 PM
Can you rename the file? Just add something like -001 to the file name. Example: xerces-deepdom_2-7-001.dll.

Are you logged in as Admin?

Dave Lehnert
01-13-2011, 11:52 PM
This is on my personal laptop at home.

What will renaming the file do?

Jim Koepke
01-14-2011, 2:25 AM
Dave,

I cannot help much on what is going on with your computer. I do know this "warning" used to pop up on me before I checked "block pop-ups" on my browser.

I use a Mac, so the software they are trying to push on people doesn't even work on Macs. A friend of mine who is a network engineer told me that these are just sites using scare tactics to get money from people.

Use a reliable anti-virus package for your computer and you should be safe.

jtk

Dan Hintz
01-14-2011, 6:43 AM
The pop-up window is a scam, as you surmised... just hit the 'X' and close it out (and then move to a more secure browser, like Firefox, and use a free ad blocker like Adblock Plus). Unless you selected 'okay' on that pop-up, the Xerces issue is something entirely different.

I seem to recall this isn't the first virus issue you've had... what are you doing with your machine?

Jerome Stanek
01-14-2011, 7:24 AM
You can download Microsoft Security Essentials and run that. I ran it on a system and it cleaned up a lot of stuff.

Bill Edwards(2)
01-14-2011, 8:06 AM
Dave,

I cannot help much on what is going on with your computer. I do know this "warning" used to pop up on me before I checked "block pop-ups" on my browser.

I use a Mac, so the software they are trying to push on people doesn't even work on Macs. A friend of mine who is a network engineer told me that these are just sites using scare tactics to get money from people.

Use a reliable anti-virus package for your computer and you should be safe.

jtk

It's actually extortion. They infest your machine with a virus that forces you to buy their solution.

Jim Podsedly
01-14-2011, 8:48 AM
Boot up in safe mode and run Malwarebytes. It should remove any malware on your system.

David G Baker
01-14-2011, 11:24 AM
I have had that software or some version that is similar. I got caught once in the loop where I could not do anything with my computer because the screen they put on my computer would come up no matter what I did. I reformatted my hard drive and got rid of it. I learned later that all I had to do was shut my computer off and not click on the screen/pop-up that they sent me. Wish I was a computer genius and could find a way to destroy the company's computers with a major virus.

Dan Hintz
01-14-2011, 12:01 PM
Or you could give it the three-finger salute and kill off the browser... no need to reboot (and certainly not reformat).

Greg Peterson
01-14-2011, 8:59 PM
This is on my personal laptop at home.

What will renaming the file do?

Renaming the file may trick the virus. It may be unable to do its dirty work. Also, by renaming it you can determine if this is a real system file. The name of that file and subdirectory strikes me as slightly odd.

Clarence Miller
01-14-2011, 9:43 PM
Download Avast freeware and schedule a boot-time scan.

Dave Lehnert
01-14-2011, 11:29 PM
UPDATE

I ran AVG and it found a "Potentially dangerous object", a "Corrupted executable file". The file is
c:\windows\sminst\xerces-deepdom_2-7.dll

It won't let me remove it the "standard way"; I have to "force it", and if I try I get all kinds of warnings.

How do I know what this file is before removing it?


All is good. I just have to figure out what it is my AVG is trying to remove and whether it is something important to the computer.

Bill Cunningham
01-16-2011, 11:12 PM
Some of the newer hijacked Google links do what is said above. The ONLY way to get away from it is Ctrl/Alt/Del and then dump the browser from there. I found that the free version of Malwarebytes cleans things out that McAfee and Essentials did not even see. Around Christmas, a Russian site was responsible for millions of bad links on Google to a phony virus-check site. Most started with a hijacked domain name, then a slash, then 3 characters followed by a dash, then the rest of the link, i.e. /syg-this_is_the_link_you_need.htm
Sometimes it pays to check the little link bar at the bottom to make sure it matches the link you want to click. I'm surprised that Firefox does not have a 'fire escape' for sites such as this, that would override the script that keeps cycling you back to the same 'are you sure' screen and just dump that particular window. There is the option to report a web forgery under the 'Help' dropdown menu, but I don't know if it will override a hijack script.
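Bill's two pieces of advice above, the "/xxx-rest_of_link" path shape and comparing the status-bar target with the link you meant to click, are both mechanical enough to script. As an added example, not code from any poster, here is a Python function that applies both checks to a few constructed links. It assumes the "3 characters" are letters or digits and treats a visible link text that starts with a host name as the user's expectation; everything else about the links is made up for the demonstration.

```python
"""Flag links of the shape described in the post before clicking them (added example)."""
import re
from urllib.parse import urlparse

# Path shape from the post: "/" then three characters then "-" then the rest of the link.
# Assumption: the three characters are alphanumeric.
HIJACK_PATH = re.compile(r"^/[A-Za-z0-9]{3}-")

# A host-like token at the start of the visible link text, e.g. "www.example.org/photos".
TEXT_HOST = re.compile(r"^(?:https?://)?([A-Za-z0-9.-]+\.[A-Za-z]{2,})(?:[/:]|$)", re.I)


def _bare_host(host):
    """Lower-case a host name and drop a leading 'www.' so the two sides compare fairly."""
    host = (host or "").lower().rstrip(".")
    return host[4:] if host.startswith("www.") else host


def check_link(href, text=""):
    """Return the reasons a link deserves a second look (empty list means none found)."""
    reasons = []
    target = urlparse(href)
    if target.scheme not in ("http", "https"):
        reasons.append(f"unexpected scheme {target.scheme!r}")
    if HIJACK_PATH.match(target.path):
        reasons.append("path has the 3-chars-then-dash shape seen in hijacked links")
    shown = TEXT_HOST.match(text.strip())
    if shown and _bare_host(shown.group(1)) != _bare_host(target.hostname):
        # The "little link bar" check: where the link says it goes vs. where it really goes.
        reasons.append(f"link text shows {shown.group(1)} but href goes to {target.hostname}")
    return reasons


def triage(links):
    """Map each (href, visible text) pair to its list of reasons."""
    return {href: check_link(href, text) for href, text in links}


# Constructed sample links for the demonstration (none are real sites from the thread).
SAMPLE_LINKS = [
    ("https://example.org/photos/cat.jpg", "example.org/photos/cat.jpg"),
    ("http://hijacked.example.net/syg-this_is_the_link_you_need.htm", "free photos"),
    ("http://attacker.example.com/images/1.html", "www.example.org/images/1.html"),
]

if __name__ == "__main__":
    for href, reasons in triage(SAMPLE_LINKS).items():
        print(href, "->", "ok" if not reasons else "; ".join(reasons))
```

The path regex only encodes the pattern Bill describes, so it will miss any campaign that uses a different shape; the host comparison is the more durable of the two checks, because a scare page has to send the victim somewhere other than where the search result claimed to go.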

Don Alexander
01-17-2011, 12:47 AM
Sadly, this type of scam is pretty common and usually is not easy to remove. Most of the time the user is logged in on the admin account on the computer, and therefore the scam is able to embed itself in the registry, where it is not a removal job for amateurs. Of course there is a pretty easy way to fix it, though it's time consuming. My favorite method is to buy a new hard drive and unplug the old one, clean install the operating system and antivirus software on the new one, slave the old drive, and copy the files you need from the old drive to the new one, scanning them for viruses as you do so. As long as you do not copy system files or boot to the old drive, you are golden. The scam files that embed in the registry will reinstall the scam virus alert very soon after you have renamed or deleted the files you can see, and you're right back to square one.
Sometimes using a different browser will appear to resolve the issue, but a lot of these scam-type virus alerts actually mess up your antivirus software so that it either doesn't work or is constantly trying to get rid of the scam, which slows your machine up.

As someone already stated, it is essentially blackmail. I had an awful job convincing my own mother that she should just call me before ever clicking anything on a message like the OP got. I think the slime that puts out these scams thinks it's funny that the user basically infects their own computer by falling for the scam and clicking OK. Sick sense of humor at best.