Fake security programs that circumvent traditional anti-virus software are becoming more prevalent. They tend not to cause any major damage to any files on a computer (compared to what a ‘virus’ would), but they are a major annoyance. Typically they disable all common methods and tools used to find them and they have no standard uninstaller to remove them. They can close windows, prevent programs from opening (especially legitimate security tools) and hide user data. Removal often involves unconventional, manual techniques.
Some of the trickiest and most complex example are ‘ransomware’ programs, which literally lock your computer and present you with a payment page, holding you (and your files) to ransom. Because you can’t boot normally into your system, any standard removal methods fail. Many times, we find that such programs look very convincing; they are structured well, the spelling and grammar is accurate and they claim to be from outfits such as the Met Police or ‘cybercrime division’, using authentic-looking logos. Many users have, sadly, fell for the scams. And usually, even when payment is sent (which is quite safe and untraceable from the scammer), the user’s files remain inaccessible.
If you come across anything like the above, or a strange program that’s suddenly appeared telling you that you have a number of infection and wants payment, don’t do anything. Bring it in for assessment and repair. Although you can never guarantee a data recovery (depends on the extent and type of infection), the system itself can be disinfected and secured moving forward.