Nasty malware attack
Posted: Thu Sep 10, 2009 10:32 am
by nachtjaeger
"Windows Police Pro". Don't know how this sucker got past the router, the firewall, and up to date AV software on Weredragonlady's computer, but it did.
It's a fake antispyware program- it generates fake scans and finds fake viruses/trojans/malware, but tells you "evaluation copy only- removal is disabled" and tries to get you to buy the full version! Whiskey, Tango, Foxtrot?
Major PIA to get rid of- like trying to sink a Rubenesque model with 38DD breasts- it kept popping back up. Hopefully the techs at AVG will use the info I sent to put a cure for this one in their next update. The d__n thing even hijacked Windows Security Center and killed/blocked a bunch of things like "add/remove programs" to protect itself.
Re: Nasty malware attack
Posted: Thu Sep 10, 2009 6:19 pm
by Duncan Edwards
It's not the most elegant fix but it's effective against this -
Go here and do what Bill Gates tells you. Run the full scan -
http://onecare.live.com/site/en-us/defa ... ?s_cid=sah
I swear if I ever catch the people who propagate such things I will shoot them right between the eyes, twice, with a smile on my face.
No, I'm not kidding.
Re: Nasty malware attack
Posted: Thu Sep 10, 2009 6:22 pm
by nachtjaeger
The techs at AVG (our AV provider) fixed me right up. IIRC the Russian Mob (presumably) ordered a hit on a spammer who had sent spam to every email address ending in ".ru".

Found beaten to death in his apartment elevator with a pipe- no witnesses.
Duncan Edwards wrote:It's not the most elegant fix but it's effective against this -
Go here and do what Bill Gates tells you. Run the full scan -
http://onecare.live.com/site/en-us/defa ... ?s_cid=sah
I swear if I ever catch the people who propagate such things I will shoot them right between the eyes, twice, with a smile on my face.
No, I'm not kidding.
Re: Nasty malware attack
Posted: Thu Sep 10, 2009 11:47 pm
by Duncan Edwards
nachtjaeger wrote:The techs at AVG (our AV provider) fixed me right up. IIRC the Russian Mob (presumably) ordered a hit on a spammer who had sent spam to every email address ending in ".ru".

Found beaten to death in his apartment elevator with a pipe- no witnesses.
They could have charged admission. I would have paid and brought friends too.

Re: Nasty malware attack
Posted: Fri Sep 11, 2009 2:01 am
by rickyj
I got a virus right now that has done something I have never seen before, and that is it selectively disables all known spyware removers so you can't even do a scan to try to find it. I've tried maybe 5 or 6 free programs and a pay one, and even if I can get one to run the scan, it finds all sorts of stuff but the bug doesn't let you remove it. Then, after you try the scan program, it disables some windows system file that "Erases" the program from existence and gives an error message saying Windows can't find the path or some baloney when you try to open it again. Anyone else ever had this?
Re: Nasty malware attack
Posted: Fri Sep 11, 2009 3:28 am
by Chimerix
Feeling pretty smug right now, perched behind my trusty Mac!
Re: Nasty malware attack
Posted: Fri Sep 11, 2009 1:35 pm
by Billie Bonce
rickyj wrote:I got a virus right now that has done something I have never seen before, and that is it selectively disables all known spyware removers so you can't even do a scan to try to find it. I've tried maybe 5 or 6 free programs and a pay one, and even if I can get one to run the scan, it finds all sorts of stuff but the bug doesn't let you remove it. Then, after you try the scan program, it disables some windows system file that "Erases" the program from existence and gives an error message saying Windows can't find the path or some baloney when you try to open it again. Anyone else ever had this?
We have had something very similar here. The malware is created in China. Very, very sophisticated thing. Can survive reinstallation of the OS. And if it compromises a router or http or ftp proxy server, it can infect the files that are being downloaded by other nodes.
nachtjaeger wrote:IIRC the Russian Mob (presumably) ordered a hit on a spammer who had sent spam to every email address ending in ".ru".

Found beaten to death in his apartment elevator with a pipe- no witnesses.
Do you mean the case of the director of so-called "American English center" in Moscow? I haven't heard any details of his death but I can confirm: nobody sympathized. There were not only .ru mailboxes spammed. Here in .ua was the same, and, I suppose, in other ex-USSR countries too. I constantly get tons of spam messages about something that happens or is offered in Moscow.
Re: Nasty malware attack
Posted: Fri Sep 11, 2009 4:41 pm
by SmileyMcDeath
Duncan Edwards wrote:It's not the most elegant fix but it's effective against this -
Go here and do what Bill Gates tells you. Run the full scan -
http://onecare.live.com/site/en-us/defa ... ?s_cid=sah
I swear if I ever catch the people who propagate such things I will shoot them right between the eyes, twice, with a smile on my face.
No, I'm not kidding.
In the last week, I've had to help de-pest six people's computers infected with a variation of this little nasty. I'll join you. If I find the fucker who first originated the scam, I'll cut open his chest and eat his fucking heart raw.
We'll have a party. I'll bring the chainsaw, you bring the beer.
Re: Nasty malware attack
Posted: Fri Sep 11, 2009 4:46 pm
by Mynock
Chimerix wrote:Feeling pretty smug right now, perched behind my trusty Mac!
Feeling even more smug than you because while my PC might occasionally give me trouble, I didn't overpay by about $2000 for it.

I'd be willing to give Macs a try if the damn things didn't cost an arm and a leg.
nachtjaeger, glad to hear AVG helped you out. They've been very good to me in the past when I've had issues like this pop up. You might also want to try their anti-spyware package if you haven't already. I got it at a discount when I renewed my anti-virus license about a month ago and couldn't be happier.
Also, anybody who wants to shoot spammers has to get in line behind me.

Re: Nasty malware attack
Posted: Fri Sep 11, 2009 4:46 pm
by SmileyMcDeath
nachtjaeger wrote:IIRC the Russian Mob (presumably) ordered a hit on a spammer who had sent spam to every email address ending in ".ru".

Found beaten to death in his apartment elevator with a pipe- no witnesses.
Do you mean the case of the director of so-called "American English center" in Moscow? I haven't heard any details of his death but I can confirm: nobody sympathized. There were not only .ru mailboxes spammed. Here in .ua was the same, and, I suppose, in other ex-USSR countries too. I constantly get tons of spam messages about something that happens or is offered in Moscow.
I can't bring myself to like organized crime, but today, they've brought a smile to my face.
