Sunday, June 19, 2011

I Needed Help To Kill A Computer Monster Today

This morning for the 2nd or 3rd time I managed to pick up an annoying piece of malware.

A rogue, fake security program that tries to make you think that suddenly your computer is under all sorts of attacks.

Offers to help keep popping up until you kill the monster.

The version that hit me today was called XP Security 2012. Other variations all start with XP and end with 2012, with words like 'Antispyware,' 'Antivirus,' 'Home Security' and 'Internet Security' in between XP and 2012.

The malware stops you from being able to open anything that might stop it. Like Malwarebytes. You can't open the registry, msconfig, notepad, pretty much any program you might use to kill this monster.

But, it does not stop you from Googling.

I remembered the last time I got this fixed by downloading Malwarebytes, again, and doing a fresh install. This time that did not work. The monster would not allow the install to run.

So, after a little Googling I found a blogspot blog called "Malware Removal Instructions" which had a page devoted to removing today's monster called, "Remove XP Antispyware 2012, XP Security 2012 (Uninstall Guide)."

The instructions had two methods to stop the monster from blocking program access. The first method worked for some. But not for me.

The second method, simply putting some code in notepad, naming it 'fix.reg,' saving it to the desktop, then clicking 'fix.reg' had me now able to run Malwarebytes, which found 11 infections by the time I got back from Village Creek Natural Historic Area.

The removal of those 11 infections fixed the problem.

Why is law enforcement not after the evildoers doing this? I am sure quite a few people fall for this scam and quickly fork over the $59.99 to make it stop.

And what is the point of the constant Microsoft security updates, one of which occurred a few days ago, plus running Microsoft Security Essentials, if something like XP Security 2012 is not stopped?

Apparently the criminals behind this have been running this scam for quite a long time. And are better programmers than those at Microsoft.

The solution from Malware Removal Instructions that did not work involved using a registration key to unlock the fake anti-malware program. Once it is unlocked, the fake program tells you all is hunky-dory with your computer. You can then run an anti-malware program and kill the monster.

I suspect the evildoers figured out a registration key was being used over and over again. It did not take long after I had the registration key for the monster to pop up with its latest attack warning with the click here to activate XP Security 2012. I was then told "reg key invalid."

To get to the place where you enter the 'reg key' you have to go to the heart of this particular darkness. I was appalled at how legit the website looked. They wanted all sorts of info, including your credit card. You could take the $59.99 one year offer, or pay for multiple years at increasing discounts.

Could this possibly be a Norton Anti-Virus Rogue Operation?
