One of my friends recently was bitten by a nasty piece of malware that I've been hearing about for a few months. I'd never actually seen it in action until now though. And it's a real problem, especially for people who aren't comfortable with computers in the first place. People get hit with these things in different ways. And it's usually by doing something that is not inherently dangerous, like clicking on an image in a Google search result, or visiting a web site that has been hacked by the bad guys. In my friend's case she opened an email attachment that seemed to have been sent by someone she knew. It wasn't.
A window popped up saying that her computer had been infected with a virus. It then appeared to perform a scan that showed how bad the infection was, and offered to sell her a program that would get rid of the problem. The alert window looked very much like a Microsoft Windows alert. Very sophisticated. No misspellings or egregious grammar errors to tip you off.
[Screenshot: The actual malware my friend encountered had a slightly different name, but was remarkably similar to this screenshot example.]
But to be very clear, it was a scam, pure and simple. What the scammers were after was her credit card number. If she had fallen for the scam, two things would have happened: she would have spent $80 to purchase a bogus malware removal tool, and she would have had to cancel her credit card so that the scammers wouldn't have been able to use it.
Unfortunately, the malware authors are clever enough to make the program hard to bypass, and until you remove it, the computer is not functional. So in her case she is going to have to pay someone like the Geek Squad to get it running again.
I know, there are ways to clean the system yourself. If you do a Google search for "fake spyware" you'll find all sorts of sites that give instructions for removing it yourself. But it involves editing the Windows registry, which is something that most casual computer users are not comfortable with. And frankly they shouldn't even be attempting it because they may cause more harm than good. So it's best left to a professional or a good friend with a lot of spare time.
Why a lot of spare time? Because here's the bad news. Once your computer has been compromised by something that has managed to infiltrate the registry settings, how certain are you that it hasn't caused more harm than you can see? It's possible that it has left behind other viruses and malware that you can't easily detect.
My strong recommendation is that once you've been bitten by one of these programs you reformat your hard drive. It's really the only way to be completely safe.