Just so you know

I didn't get any blog time last night and time is tight this morning. So if I didn't catch up with you and your blog, I will as soon as I can, I promise!

Much of my time has been taken up lately removing Trojans from computers. The most troublesome one I've found in the last week has been Antispyware 3000. Once infected, the system pops up an Internet Explorer window and appears to run a scan showing you 14 Trojans. You're then shown a pop-up which prompts you to buy and download "additional protection". It's a scam of the worst sort. You can see examples here. The design is good, looks very "official"... unfortunately.

Removing the infection takes a little time. The first thing is: don't click on anything. Shut the system down and bring it back up in safe mode (press F8 during reboot). Choose the Safe Mode with Networking option. Go to FileHippo or CNET and download Malwarebytes. Update the program and run it. Running the system in safe mode allows the scan and removal of items that are hidden in the registry and throughout the operating system. In other words, Windows won't load the drivers that the malicious software needs in order to do its evil business and to protect itself from removal.

The most recent computer I did this on had 53 Trojans. The infection was embedded not only in the registry (reactivates every time the system is rebooted) but in System Restore as well. It had also corrupted the computer event log, disabled Add/Remove Programs, turned off the antivirus and firewall and pretty much porked over every aspect of the operating system. It must have been infected for quite some time.

After running Malwarebytes, I generally follow up with Spybot Search and Destroy and an antivirus scan before rebooting the system back to normal. Then I run one more Malwarebytes just to be sure. That scan process is for this infection only. Other infections require a slightly different approach.

Off to work. Have a great day!


PS - We're only waiting for one last bid from the caterers! The last guy has yet to belly up to the bar. Stay tuned!