Old Red Jacket Talker

Just an old RCMP dispatcher’s ramblings . . .

Nasty Fake Rogue Anti-Spyware Program

It appears there is another fake rogue anti-spyware program that has just popped up.  The program gives you a ‘Fake Microsoft Security Essentials’ warning that you are infected.  The end result is you do get infected by ‘Windows Process Regulator’ and it doesn’t want to go away peacefully.

Any ‘exe’ files will start to run and then shut off. So trying to fix it up with Malwarebytes doesn’t cut it. Even trying to use your Task Manager to ‘end task’ the beast doesn’t work. Eventually I did find a site that explained how to cure this ‘nasty’. If you have another computer, then you can view the site there while you work on your infected computer. Go to Remove Windows Process Regulator and follow along with the instructions. There are other sites out there, so you can just do a search for ‘remove windows process regulator’ and I’m certain you will find something to help.

You want to get RKill onto your computer first. Be aware that some of the RKill install files will not work with the Process Regulator running. Try a few of them. I saved them to a USB stick on a good computer and then ran the file on the infected computer. I did have to try 4 different files before I could get one to work. The one that worked for me was the WiNlOgOn.exe download link. Hopefully you can find one that works for you from the link above. Once you have the file on your infected computer, run it and let it ‘kill’ the processes. You then need to download and run the ‘shell.reg’ file. Once that is done, you can then effectively run Malwarebytes Anti-Malware and clean up your computer. I always like to run SuperAntispyware (or SpyBot, or AdAware, etc.) after Malwarebytes to ensure I have gotten rid of the ‘nasty’.

Some will wonder why your Anti-Virus doesn’t protect you from this threat. You will find that this isn’t a virus but malware, so your anti-virus probably won’t sound a warning for you. The end result for this thing is dropping a Trojan onto your computer which is trying to get your login information for your banking, etc.

Damn, I hate people that create these things :(


March 31, 2011 - Posted by | Computer Information
