The increase in fake antivirus programs has started in the early months of 2006, or may even be the end of 2005, when the popular programs like WinFixer and marathon computer SpySheriff infection started.
The first malicious programs are infecting computers through Trojan horses, which were able to generate security alerts (also known as false positives), very similar to that displayed by the Windows operating system. If the victim is not very enthusiastic about computer literacy, false alarms divert his attentioninsufficient to provide for the suggestion outstanding problem. To respond, the user will be prompted to click on the alarm system, resulting in the malicious program to download and install, and finally - the purchase.
Today, the programs of false use methods more confused to deceive the victim. In fact, we can not talk about a program - the way in which it is installed on the machine differs from all other regular programs. Instead of installing some malicious files on the computer fell victim. But nowmethods of deception.
Fake programs disable Windows Task Manager, Registry Editor, Command Prompt, and even trusted antivirus program. There are reports that all of them. exe are blocked, except for iexplore.exe (Internet browser) needed to pay for malicious programs. So, what changes to the computer system to obtain a similar result? The main area in which you perform dangerous actions is the Windows registry. Many changes were made to the Windows registry, such as creatingnew values, addresses that link to malicious files, somewhere on your hard drive. The file will in turn unwanted actions indicates the intent to obtain. The removal of the file is not the most reasonable thing to do - malicious files are able to regenerate after you restart the computer or even after it was banned. In addition to creating or modifying files locator string in the registry, malicious programs can modify some strings sort of harmful results, asto disable the Task Manager. Block User Task Manager therefore disabling the killing of malignant processes. Sometimes one of the above problems should be fixed by just changing a registry key.
Another very effective method is misleading fake Windows "My Computer" in an attempt to impress the local hard drives and folders (eg My Documents) are trojans and viruses. In fact, the window that appears on your Internet browser, where the correspondingsite is loading. The trick is played into the hands of the images. Say you're print screen "My Computer" and put it on your website with the same title.
In short, any malicious program to make several changes to the system. Each time a new villain appears, anti-spyware companies search for methods of disposal. In the case of infection, users are invited to the forum thread and post a new HijackThis log to start seeing what the problems are caused in the victim's computer. Na, computerExperts analyze the log, are able to offer tools to remove malware threats (viruses, trojans or malware) has been removed.
No comments:
Post a Comment