Yesterday, one of my clients switched on his lap-top and was confronted with a pop-up inviting him to "update to Windows 8".
He had actually seen and ignored this pop-up a few times before but, this time, he must have clicked the link (easily done) with the result that both internet access and 'internet security' software were disabled.
The malicious software also appears to have cleared Windows 'Restore Points' which may have enabled a fairly instant recovery.
Additionally, there was a pop-up invitation to activate alternate internet security software which held the promise of solving the problems which clicking the original link had obviously created―I daresay that this 'activation' would have involved the collection of credit card details.
In principle, internet security software should have recognised and neutralised this threat but new versions of malicious software appear all of the time and there is not a lot that can be done if the user effectively 'opens the door' by accepting invitations of this sort.
It was interesting to trawl the internet in search of advice on solving this problem―some 'gurus' seemed to assume that the original pop-up referred to Internet Explorer 8 and advised that it was OK to download (not a good idea).
Of course, I tried the usual stuff such as Windows System Restore (restore points missing), antivirus scan (not working) and installation of new antivirus software (couldn't update to latest virus definitions on-line).
Fortunately, my client had the benefit of an automated regular backup to an external disk so it was possible to recover the entire PC in about 20 minutes―the last backup was taken around 8 pm the previous evening (about 15 minutes before shutdown) so the loss of data would have been minimal.
The key to this strategy is that you backup the entire machine rather than just important data files―corruption of the Windows operating system or other software is far more common than the loss of data files and far more difficult to recover from.
The recovery process works by booting-up the computer from a CD (or other external device) which contains a simplified operating system, thankfully uncorrupted by any malicious software on the hard disk.
All data on the hard disk is overwritten by this process so there should be no remnants of the original corruption―if there are still problems, you simply work your way through earlier backups.
A thorough antivirus scan will hopefully confirm that the malicious software is no longer present.
NB It doesn't help that, following a recent Windows Update, there are genuine pop-up web pages inviting users to either customise settings for Internet Explorer 8 or to choose this product as their 'default' browser.
As Windows 7 was only released a few months ago, there are unlikely to be messages relating to Windows 8 for some years, if ever.