View Full Version : Nasty PC infection Heads-up


GT182
11-29-11, 10:02 PM
I've got to let the rest of you know about this too as this software can possibly destroy your computer.

I was in the SHIII Mods section earlier today and looking at the website that has the map Jimbuna has posted on gaps in the navigation channels. http://www.subsim.com/radioroom/showthread.php?p=1796442#post1796442

While on that site I was hit again by an antivirus software installer. Name is - XP Antivirus 2012. This is an updated version of that last one I was hit with. You DO NOT know you have it until it pops up. You cannot get rid of it, your antivirus software and your OS firewall will shut down. It even stops Microsoft Security Essentials from running. It will also get by your router's firewall. Not your fault Jim, but I had to give you guys a heads-up on this. This thing is very nasty and can do a lot of damage to your computer.

The only way I was able to get rid of it is by System Restore. Yeah, power up and tap F8 continuously to get into Safe Mode. But here's the hitch. You MUST log in as the Administrator. If you try any other way to log in this malware will not let you go to System Restore. By using Admin you will go directly to System Restore. Run SR and this crap will be taken out of the loop and your computer will run ok once again.

Info from another website:
XP Antivirus 2012 is actually a nasty PC infection that utilizes a harmful Trojan and is a rogue security application that is intent on stealing as much of your hard earned money as XP Antivirus 2012 can. Some other common symptoms that manifest from a rogueware/trojan infection are:

- Installs itself without user knowledge or permission.
- Connects to the Internet without user permission.
- Annoying fake pop-up alerts.
- Installs other types of adware and spyware without user permission.
- A dramatic decrease in overall PC functionality.
- Remains constantly running in the background.

If XP Antivirus 2012 is left to corrupt your PC registry, XP Antivirus 2012 may leave your PC vulnerable, unsafe, and unprotected, and if not treated as soon as possible, XP Antivirus 2012 has the ability to result in a complete collapse of your PC system.
To check your computer for XP Antivirus 2012, download SpyHunter Spyware Detection Tool.
SpyHunter spyware detection tool is only a scanner meant to assist you in detecting XP Antivirus 2012 and other threats. If you detect the presence of XP Antivirus 2012 on your PC, you have the opportunity to purchase the SpyHunter removal tool to remove any traces of XP Antivirus 2012.

And lastly this from a friend:
Details on getting rid of it.
not free- http://www.enigmasoftware.com/products/spyhunter/
Free- http://download.cnet.com/Ad-Aware-Free-Internet-Security/3000-8022_4-10045910.html
http://www.wiki-security.com/wiki/Parasite/XPAntivirus2012/
Also I suggested you guys get and run sandboxie to protect yourselves from any malware - virus crap. It's so easy to use and install even the wife uses it. Basically it locks down your PC as you browse the net. It works with Firefox, Chrome and internet exploder! Programs are run in a "sandbox" and can't infect your PC that way. I love it. It's free too.
http://www.sandboxie.com/

The Sandboxie program is free from here.... http://www.sandboxie.com/index.php?DownloadSandboxie Click on the Sandboxie box on the right. I'm using it now and I'm having no problems with IE8. Hope it does as they say it will.

Rockstar
11-29-11, 10:21 PM
Start PC in safe mode with networking then download and run 'Malware Bytes'. http://www.malwarebytes.org/

Reece
11-29-11, 10:34 PM
Another word of advice is that when you are presented with installing some questionable software do click yes, do not click no or the "X" to close, these mean yes!! :nope: What I do in XP (not sure if it is still utilized in Win 7) is hit Alt-Ctrl-Del, then under the Application tab select the browser and select "End Task". This will close the browser, but be aware that when the browser is restarted the windows/tabs may re-open, close them down quickly! :yep:

Blacklight
11-30-11, 01:52 AM
Most of the time, ANY button you click on those pop ups (X, Yes, No, Cancel, and sometimes even ALT, CTRL, DEL, etc...) means "Start the installing procedure." And sometimes that popup happens once the software has already installed itself.
I've had to do so many system restores due to these pieces of trash and they're so proliferated now that it's hard not to hit one just doing a standard web search for ANYTHING. I got hit by one of these things from an ad that popped up on CNN's website while reading news stories once. My question is, if these malwares and the way they infect the computers is known, how do these things just "jump right in" past all the protection?
These types are the most PREVALENT and annoying malwares out there right now! Why can't they put in something to protect from them???

Seriously. If I ever catch the people who write these things (XP Defender, Virtumonde, etc..), I'm going to beat the living snot out of them.

Gerald
11-30-11, 01:58 AM
http://www.f-secure.com/en/web/labs_global/removal/online-scanner

Is also a good option.

Jimbuna
11-30-11, 05:41 AM
Thanks for the warning GT, fortunately I've never visited the site because I have all the maps saved to HD :yep:

the_tyrant
11-30-11, 07:11 AM
Haha, I watch all my porn on other people's computer!:O:

GT182
11-30-11, 09:28 AM
This program doesn't always come from porn sites, you can get it from anywhere on the net. And as I said, it's been refined so you Do Not know it's installing. It will just pop up and do its thing after it installs.

Again, no problem Jim. I don't remember who had the link posted but I don't think it was you. I've found out that System restore won't get rid of it but only hides it.

Info from another site that is also watching this:
Combofix, MBAM and Spybot should get rid of that... System restore will not get rid of the malware because it tends to hide in the system restore files.

Get Combofix at Bleeping Computer, only from their site because anywhere else it is probably malicious.
Get MBAM from download.com (Full Scan).
Get Spybot from their site or download.com.

I run all three from safe mode with networking. Combofix is an awesome program and is totally free.

I like to run a program called CCleaner, also at download.com, to delete junk files and registry errors.

And whatever you do, do not give that 2012 program your credit card number... I have talked to so many people that have, it's unreal. The program is designed mainly to get your credit card and then lock you out of your PC.

Note: All this info is also posted in the SHIII Mods section.

Jimbuna
11-30-11, 04:56 PM
Again, no problem Jim. I don't remember who had the link posted but I don't think it was you.

Rgr that...definitely not me :o

Madox58
11-30-11, 05:20 PM
@GT182,

I've run across this problem many times as I help a lot of friends and such with their computers.
Combofix is my standard Tool for correcting the attack.
(I have suffered from it many times myself)

I keep a USB Stick handy that I can boot from and run Combofix from that.

I went through that whole thread but the suspect link is gone it seems.
:hmmm:

Rockstar
11-30-11, 06:32 PM
No, I just read in PC magazine not too long ago, they said this problem definitely only comes from visiting porn sites.


.

Jimbuna
11-30-11, 06:45 PM
Well I wouldn't have thought that minefield charts would look very sexy :DL