Yesterday evening, my computer was infected with a horrible, horrible piece of malware ironically called “XP Antispyware 2010”, which installed itself without my knowledge, started popping up windows and alerts claiming that my computer was infected with tons of trojans and spyware, and urged me to register it. I was able to kill the running process “av.exe” with Task Manager, but as soon as you launch any program such as Internet Explorer or Firefox, this process will start running automatically, and windows and alerts start popping up like crazy. I was very alarmed by it, fearing it might render my computer effectively unusable. This rogue program acted like a rogue party crasher that barged into your house, uninvited, and started trashing around the house and yelling orders at you. While this program is running, it would try to reach some remote websites stealthily – one of them is tulibonerduma.com.

I stopped that computer, and I was lucky to have another notebook computer by my side, so I immediately started researching this program “XP Antispyware 2010”. It turned out that it would install itself onto the system and modify the registry in such a way that launching any program will get this malicious program launched too, and it also allegedly prevents real antimalware programs from being launched.

For ways to remove this horrible malware, I found many references to a tool called Malwarebytes’ Anti-Malware. But I am generally suspicious of such tools, fearing the cure might be worse than the illness, or that I would be jumping from the frying pan into the fire. I know sometimes malware and malware removers work hand in hand to get into your computer with the same malicious intent.

I finally decided to try one of the suggestions some users proposed, but which somehow was not promoted by any of the web pages. That is, to use the System Restore feature, native to Microsoft Windows XP. And I was lucky to find out that there was indeed a restore point one day before the problem first manifested itself on Friday evening. I chose to restore to a Thursday restore point. Windows rebooted and the restore was successful. I thank Microsoft for having such a useful feature nicely tucked into the operating system, quietly creating restore points along the way, and coming to the rescue when it is called upon.

I ran the system restore early this morning, and I have not had any manifestation of the horrible malware. May it not rear its ugly head ever again.

How it got onto my computer, I am not sure. I am usually a cautious person and quite savvy about internet security, and would not be one of those that could possibly click an email attachment or anything. My suspicion is that it got onto my computer simply by my visiting a web page using Firefox, as that was what I was doing when the first such manifestation occurred.

For more information on this malware, here is an article on it.
