While on the internet users may encounter security alerts in the form of pop-up messages claiming that a virus has been found on the computer and that it is necessary to download software to clean it. These messages promote "rogue" security software, also known as "scareware". At first glance, this type of software appears to be professional looking software, but provides limited or no security. The rogues all have legitimate-sounding names. They appear to be the real thing, sometimes using the words "Windows" or "Microsoft Anti-Virus". Rogues generate erroneous or misleading alerts, or attempts to lure users into participating in fraudulent transactions. Often the intent of these messages is to offer scams that trick the user into downloading software that damage the computer and/or spy on its users. In some cases its goal is to gain access to the computer in order to find personal information.
These scams can appear in email, online advertisements, your social networking site, search engine results, or even in pop-up windows on your computer that might appear to be part of your operating system, but are not. If the message did not come from the resident anti-virus or anti-spyware applications, it cannot be trusted. That holds true for URL's that an email or webpage may send us to. Select View > Status bar from the Internet Explorer menu. Position your mouse over the link in question. With the mouse still over the link, look in the bottom left corner of your browser. You should see the actual target link displayed there. If it is something that you do not recognize, don't risk clicking on it.
What Do I Look For If I Become a Victim?
1. Your anti-virus and/or firewall has been disabled. 2. Unexpected crashes aka: "Blue Screen of Death" 3. Slowness 4. Excessive hard drive activity and/or a high level of network activity especially when the computer is idle 5. Strange windows and odd notifications warning lost access to drives, files that will not open, and messages that a program is attempting to access the Internet without your command 6. File sizes are changing without your accessing those files. 5. Reports that friends are receiving odd emails from you or that your IP has been blacklisted
What Should I Do?
Running a system scan with your antivirus is usually the best way to diagnose and remedy the situation. Some folks may feel that always running two anti-virus applications at the same time is better in case one might run if the other has been disabled by malware, or that protection will be twice as effective. Wrong! Running more than one anti-virus program can actually make you less secure. With more than one anti-virus program on the same computer, there is a chance for conflicts if a virus or other type of malware attacks the machine. Each of the anti-virus programs wants to "control" the situation and in some cases, the task of removing the infection does not get done at all. You will also experience slowdown as each is trying to run in realtime. You may run the risk of data loss from a system crash that the instability can cause. A better option would be to keep one good anti-virus, keep it current, and use it as designed. If a second opinion is needed, use one of the online virus scanners such as ESET Online Scan which can be found here: http://www.eset.com/us/online-scanner/ Many of these reputable online scans will alert the user to Potentially Unwanted Programs and the malware that may have been installed by them.
If you feel that you need additional assistance there are some good malware removal forums that provide free help one-on-one by trained analysts. You simply need to register and post the requested diagnostic logs. Two of those sites that do not have adware are SpywareHammer and SpywareInfo Forum.
Remember: The best defense is the person sitting behind the computer. Being vigilant is the first step in preventing rogue software and the infections that it brings.