Windows Police Plus virus infection with no resistance

[twl845]

This is the second time in a month the above virus got through unchallenged and disabled all of my anti-spyware apps and Avast. The first time I was able to get rid of it following instructions in Bleeping computer.com, and then scanning with Malwarebytes as per instructions. This time my hard drive became so corrupted, it had to be cleaned out followed by a XP re-install. Why does this virus just fly by Avast?

[YoKenny]

If you had purchased Malwarebytes for the one time fee then Windows Police would not have been permitted to install.

Windows Police is not a virus it is a rogue anti malware application:
http://www.virusbtn.com/resources/glossary/rogue_antimalware.xml
http://en.wikipedia.org/wiki/Rogue_security_software

You need to toughen up your system defences by using a Layered Approach:

anti virus: avast!

anti malware: Malwarebytes' Anti-Malware

Security Monitor: WinPatrol
http://www.winpatrol.com/download.html

Use a HOSTS file:
Blocking Unwanted Parasites with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

[twl845]

If you had purchased Malwarebytes for the one time fee then Windows Police would not have been permitted to install.

Windows Police is not a virus it is a rogue anti malware application:
http://www.virusbtn.com/resources/glossary/rogue_antimalware.xml
http://en.wikipedia.org/wiki/Rogue_security_software

You need to toughen up your system defences by using a Layered Approach:

anti virus: avast!
YoKenny - Thanks for the response. I will heed your advice and purchase Malwarebytes. I hope you're right. As for a layered approach, I would have thought Avast, Superantispyware Pro, and SpywareBlaster running real time, and Malwarebytes on demand would be enough. If I purchase Malwarebytes, I would think running it real time alongside Superantispyware would be a conflict in the event of an infection. Do you recommend that I use Superantispyware Pro that I paid for on demand? What do I do when an infection that Superantispyware Pro catches rather than Malwarebytes comes along? I agree that Malwarebytes has turned out to be a superior app. though. What are your thoughts? 
anti malware: Malwarebytes' Anti-Malware

Security Monitor: WinPatrol
http://www.winpatrol.com/download.html

Use a HOSTS file:
Blocking Unwanted Parasites with a Hosts File
http://www.mvps.org/winhelp2002/hosts.htm

[YoKenny]

It is really hard reading your request inside the Quote.

End the quote with the end quote tag

Code: [Select]

[/quote]
I do not use SUPERAntiSpyware as it is good at removing malware but not stopping it from installing.
It does not conflict with MBAM though.

[DavidR]

@ twl845
In the same way it isn't recommended to have two resident AVs, the same is probably correct for two resident anti-spy/malware applications.

So If you have SAS Pro (resident) use MBAM as the free option as an on-demand scanner.

@ YoKenny
If you didn't use SAS Pro with its resident protection, how would you know if it could stop malware being installed or not, short answer is you can't. In the same way I can't say the MBAM can't stop malware from installing as I don't have the resident options only on-demand.

[twl845]

@ twl845
In the same way it isn't recommended to have two resident AVs, the same is probably correct for two resident anti-spy/malware applications.

So If you have SAS Pro (resident) use MBAM as the free option as an on-demand scanner.

@ YoKenny
If you didn't use SAS Pro with its resident protection, how would you know if it could stop malware being installed or not, short answer is you can't. In the same way I can't say the MBAM can't stop malware from installing as I don't have the resident options only on-demand.

DavidR - That's exactly as I was taught. I'm not sure whether MBAM can stop the trojan "Windows Police Plus" from initializing or not. www.Bleepingcomputer.com's instructions say to remove the trojan from Task Manager downloading a file and removing it, and then clean it and quarantine it in MBAM. This procedure worked for me the first time I got hit a month ago. This time in the attempt my hard drive became corrupted and I was screwed. For YoKenny to say Avast didn't detect it because it's a rogue, if that's what he meant, doesn't hold water. You should have seen Avast swing into action for the Vundo trojan. 

[YoKenny]

All that proves is that SUPERAntiSpyware Pro (SAP) is not effective at stopping Windows Police and maybe not MBAM as well.

Windows Police is a new infection
http://www.precisesecurity.com/rogue/windows-police-pro
http://www.malwarebytes.org/forums/index.php?showtopic=28411

With all the infections being reported about Windows Police I would expect that both MBAM and SAP will have prevention protection soon and when avast! will have protection I have no idea.

WinPatrol would have poped up a warning that Windows Police was trying to install behind your back.