I own a computer repair company in Houston, Texas. My most common service call for 2008 was for spyware removal. There are several new breeds of a malicious software that can not only infect your computer, but also make it impossible to access the Internet or do any daily computer tasks.
This new threat is the worst I've seen in years. It operates under several different names, and requires a click from the user to completely install. But once it has installed, it spreads throughout the system and causes havoc with every thing you do with that computer.
And it is constantly morphing into different variations, so although the tactic will be the same, the programming can be different to defeat software designed to protect you. I know that it has bypassed all of the popular brands by constantly changing it's methods.
The basic tactic is a popup when you go to certain websites that tells you that your computer is infected with spyware. It quickly starts to scan your computer and find threats. In reality, there is no scanning going on, this is just a show to make you click on the popup.
Once you click, you just triggered an install of up to three different components. One will change your background and add a popup to your startup programs. Another will hijact your browser home location and not let you navigate to any other website. And the third program will go into your policy settings and not let you install or update any software intended to remove spyware or malware and disable System Restore.
There are variations but the end result is the same. It has names like WindowsXP Anti-Virus 2008 or similar. It looks official and has fooled thousands, if not millions, of people. It's been around in one shape or form for quite sometime but now has some very clever programming that makes it very difficult to remove.
And to add insult to injury, even if you click on it again and go to the website to purchase, it still doesn't work and continues to harass you. The more you click, the more it installs software to harass you. I've seen computers with over 20 different variations on the same unit.
So how do you protect yourself, or remove this threat once it install? The best way to protect yourself is to never click on any popup that starts to scan your computer or looks suspicious. If you do see a popup like this, stop right there. There is a utility called that you can call up by hitting the three key combination of the CTR, ALT, and Delete keys called Windows Taks Manager. When you pull up the utility there will be a tab open called Applications.
You will see a list of applications running. One or more will have the Icon for Internet Explorer (or whatever browser you may be using). Click on that line and go to the bottom right of the panel and then click on end process. You may have multiple Internet Explorer lines that show open windows. Click on each one and then click on end the process for each one.
That will get rid of the popup without actually clicking the close button or anywhere on the popup. Like I mentioned earlier, these guys are good and may trigger the install from any click on the Popup. So don't take a chance, use the Task Manager to end all the Internet Explorer windows open, just in case.
I never recommend shutting down Windows without closing all the applications and using the start key. But this is one time I think you may be better off just going directly to the start key and shutting down the system. If the Task Manager won't come up, or if you still are not certain how to follow the above instructions, just shut down the computer using the Start key.
OK, lets say that somehow the popup got clicked and the software installed. All or some of the symptoms I mentioned are starting to occur. We know that you are infected and need to take action to remove the spyware. You now have two choices, well, maybe three if you live in Houston and call me to do it or some other qualified local computer repair guy =8~). You can try and do a manual removal, which is difficult even for us folks that do it all the time. The reason is this software uses every trick in the book including changing file names and locations frequently. So what worked on the last version, may not work on the next.
Or you can use the few software programs out there known to keep up with the variants and hope you can install it with the latest removal routine. The last few that I removed, I had to do a work around to even get the software tool to install since they have figured out ways to prevent that.
I'd list the software here that I know to work but it changes frequently, it's an ongoing battle between the spyware software and the spyware removal tool software. I have put a link to our computer utilities below that will have the latest versions.
The best prevention is knowing that there is a risk and not to click on any popup, let alone one that exhibits the suspicious activity listed above. You can also install and use spyware protection software but be aware that if you don't keep it up to date it won't help. And some don't work at all with the latest threats.
Don't underestimate these threats, they have unlimited time and technology at their disposal. Always pay attention to any unusual activity on your computer. When it doubt, install reputable software and do a scan.
John Dow owns Houston Computer Repair, and a website that offers computer utilities to repair and protect against spyware. His Power Solutions CD has helped thousands of customers fix, repair, and remove spyware. Click here to learn more: Computer Repair Utilities.
Article Source: http://www.articlesbase.com/computers-articles/spyware-removal-and-protection-728903.html
0 komentar:
Post a Comment