A rusty cheesegrater?

The rustier the better.

Following the application of said rusty cheesgrater, have plenty of salt and lemon juice for the "treatment" of the resultant wounds.

I had friend get that, after I told them NOT to download it when they got a message. They got the message again..................

They are on their own to get rid of it. I already got two nasty viruses off their PC.

Actually, I've taken to calling it blackmail-ware. It holds your system hostage until you pay them. Or get rid of it somehow. There is still a good arguement for it being a virus though, due to the way it hijacks programs. True spyware is pretty invisible to the end user, other than system slowdown.

The people here are pretty good at the cleanup thing. http://www.dslreports.com/forum/cleanup

No offense, but you're wrong all the way across the board on your use of terminology, and crap like that muddles the waters. A computer virus is a malicious program which corrupts and destroys data by copying itself until all system resources or available disk space is consumed, like a negative-strand RNA virus does. A virus also has the ability to spread itself (via disk, e-mail, or other means.) A worm corrupts or destroys data by actually deleting it, not replicating until it overwrites other items.

Malware such as WinAV(X) falls under 2 headings, that is spyware and hijacker. It is spyware, as a portion of the 2007 and 2008 versions had keystroke loggers which would record information and transmit it to an offsite location. It was a hijacker (or browser hijacker) in that it would insert itself into your tcp/ip stack and 'hijack' the direction or search that you are attempting to do. It is IN NO WAY a virus, as it 1: Does NOT destroy data (merely records or manipulates it,) 2: Does NOT replicate, and 3: Does NOT spread itself (it has to be downloaded by a end user).

Further, spyware is rarely invisible to users, and in most cases is actually helpful. For instance, every cookie you have on your PC is spyware, and it doesn't actually do anything except assist you in surfing.

I wouldn't indiscriminately classify every cookie as spyware. There are many which are genuinely helpful, like the ones that make sure this forum knows who you are from session to session. Spyware is designed to send information that you didn't authorise to people who can misuse it. Cross-site cookies (sometimes called tracking cookies) are like that - most online advertising systems use them, unfortunately - and so is stuff like WeatherBug.

WeatherBug and XPAntiVirus are Trojans, in that they pretend to do something helpful for the user (to encourage installation), but actually do something malicious. The term comes from the legend of the Trojan Horse. In XPAV's case, it makes itself extremely difficult to uninstall, and then throws up bogus malware warnings to make the user send money to the bad guys (and probably enough information for identity theft too). Trojans are often spyware, but they can do other nasty things instead or as well.

A virus is any malware which can self-replicate by attaching itself to files, usually executables or libraries, but occasionally images or other documents. The files may or may not be recoverable after infection.

A worm is malware which can transmit itself between computers automatically and requires no explicit user action to install itself. It is possible for a single malware to be both a virus and a worm.

A rootkit is malware which infects or manipulates the operating system's kernel, and thus causes itself to be well-hidden from any software, or even manual inspection, running on the infected computer. This does not include malware which merely disables antivirus software. Rootkits are relatively difficult to write, and extremely difficult to remove.

Waaaaaaaaay off topic: in Finland every resident has a SSN. It's your birthday (ddmmyy), a separator, and four characters. The separator is + if you're born in the 1800's, - if you're born in the 1900's and A if you're born in the 2000's. The last four characters are ***# where *** equals a number and the # equals the check character which can be anything from zero to Z (omitting a few letters to avoid confusion). Those first three numbers in the latter part indicate your ordinal number of the day - even numbers are for girls and odd for boys (there you go, all male people here! You're odd! :P) Finally, the check character is then calculated. The first nine numbers (111111-111) are divided by 31 and the remnant indicates the character. If it's 9 or less, the check is a number. If it's 10, it's A and so on.

The best thing is you can't really do anything without this SSN and those foreign phishing and other things rarely ask to get this. So I consider myself safe here in a marginal country of the world.

Sorry for the OT.

Most interesting. I just checked that formula for the check-digit on my own Finnish henkilönumero, and it works! If you treat the nine digits as a contiguous integer, that is.

Aaaaaand here you notice how much a person can know about totally irrelevant things. I found that out on some history lesson in elementary school.

Regarding what is known as "tracking cookies:" you would be surprised at how many cookies for legit sites get flagged as evil by antispyware apps: MSN.com, pricegrabber.com, and many others.

As far as Weatherbug, personally I think it sucks as it slows down your internet connection and you can always go on weather.com anyway. However, it is not malicious anymore like the very first version. At work they have told us "remove it from a client's PC if you want but please don't tell them it's spyware." Weatherbug is known to sue people for listing their product as malware.

BTW, before this new variant of Antivirus2009 hit the streets, all that was needed to be done was delete the program files folder then run a scan by a app like CounterSpy or Malwarebytes. Seems like the new version caught up to that, though.

HAHAHA! I beat the bastard!

Or rather, a cocktail of cleaners seems to have.

Previously, I had deleted the av2009.exe from the Progran Files folder, and disabled several programs from starting via msconfig. This had stopped the popups, but the websearch hijacking and refusal of various cleaners to run continued to be an issue. Today I tried one last shot that was suggested to me by another IT aquantence. Microsoft's malware scanner/remover (available here), run from Safe Mode. It did not report finding anything, but apparently disabled the portion that was keeping other programs from running. I was able to run Malwarebytes' Anti-Malware and SmitFraudFix, which seems to have cleaned the issue. Searching is no longer being redirected, and programs are running as they should. I will be monitoring the infected computer for a few days of normal use, but so far things look good. I'm going to go celebrate with `za and Dewskis.

Huh, Windows Malicious software removal tool actually did something? Pass me a brewski!

I know...that's why I didn't try it at first. Usually it's been circumvented within hours of release, if not before.