jump to navigation

Thats No Moon! It’s a Rogue Spyware!! April 30, 2010

Posted by regan222 in Computer and Technology.
Tags: , , , , , , , ,

Well, I guess it’s about time that someone did it.  For so long it has been easy to get rid of rogue spyware applications that download themselves onto your PC and try to weasel your credit card info from you by holding your PC hostage.  As I posted last time, all that is necessary is to start up the PC in safe mode and start up a reputable scanner and the bug would go away.  Well, this new breed of bug does not care what mode your PC starts up in.  Safe or Normal mode, the bug will run the minute you try to start up an application.  If you should see something on your PC that resembles this…

This slideshow requires JavaScript.

whatever you do, DO NOT CLICK OK, GO, CONTINUE, OR ANYTHING LIKE THAT.  Use ctl+alt+del and stop all applications.  You might get lucky and catch this before it installs.  This is not, however, likely.  Once these screens show up you are usually too late.  This bug is installed by a trojan that comes in on a drive-by download.  What makes it different is that when it installs it makes a minor registry change that makes removal almost impossible unless you know what you are doing.  This program changes your registry so that any program you try to run, whether safe mode or not, will not start but the virus program will run, even in safe mode.

You can follow the steps from the last post but you need to do something first in order to get rid of this little monster.  Download this registry fix.  Right click and save it to your desktop.  You will need to unzip the download once you save it.  It is a registry file that you can merge into your registry to repair what the bug does so that you can use malwarebytes to get rid of it.  Once you have saved the file, find it on your desktop and right-click on the file.  The menu will include an option to merge.  Select “merge” from the menu and in a moment you will see a box that says you have successfully accomplished this.  Now you can remove the bug.  Make sure your PC is in safe mode.  Start malwarebytes, update it,  and run the scan.  This bug, like all the others,  falls quickly and permanently.

Remember, once you have completed the scan and you believe you have removed the bug, reboot your PC and run DiskClean to get rid of the scraps.



No comments yet — be the first.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

%d bloggers like this: