About Me

My photo

Tech journalist since the dark ages. Windows Secrets, LangaList newsletter, Windows Magazine (NetGuide, Home PC), Byte, Popular Computing, yadda yadda yadda. Google me, if it matters.

This feed is mostly personal interest; it's NOT my professional writing. There's tech here, yes, but also lots of general science and some politics and weird humor thrown in.

Wednesday, April 6, 2011

I deliberately infect my PC with 'LizaMoon:' a blow-by-blow account

Top Story, April 7, 2011

LizaMoon infection: a blow-by-blow account

By Fred Langa

A nasty piece of malware known as LizaMoon has hijacked links on millions of websites in the past weeks, including some normally safe iTunes and Google links.

Fortunately, LizaMoon is easy to avoid if you know what to look for.

Using rogue-AV scare tactics, LizaMoon tries to trick you into running bogus security-scan and virus-cleanup tools on your PC — but it's pure malware.

If allowed onto your PC, this particular ploy is especially troublesome because it can partially disable the Windows Security Center and change the Registry so that the full WSC can't be restarted. It also interferes with Microsoft Security Essentials, if MSE is running. (You'll find lots more LizaMoon news coverage via Google.)

My encounter with LizaMoon started unexpectedly one evening when a suspicious warning popped up on my screen. As discussed in a previous Top Story, I use Microsoft Security Essentials and the Windows 7 firewall to protect all of my PCs. In over a year of constant use, I'd never had any malware trouble. But that abruptly changed.

That evening, I was searching for something through Google — I don't recall what. When I clicked a link, a blank page overlaid with the dialog in Figure 1 popped up instead of the site I was expecting....

Media_httpdownloadwin_xhqwf

rest of the story (free): windowssecrets.com

Posted via email from Fred's posterous