Antivirus Pro scamware

Just knocked this one out myself (anti-virus SW didn't find it), but I didn't find much helpful info out there on the variant that affected my laptop. Likely became installed somehow from accessing a web site. Slightly embarrassed to note that I had 49 pending (high priority) Windows updates to apply when this happened... As described elsewhere, this malware repeatedly generates false alerts stating that your files are infected with a virus. Attempts to run task manager or any other programs are thwarted while it is running (new window opens then closes immediately followed by yet another alert).

In my case, logging out of the Windows session and logging back in provided a brief interval in which I could launch other applications before the offending process (rkbisysguard.exe) kicked off. Terminating the process stops the flow of alerts.

I run a limited access user configuration, and logging in as another user (administrative) did not trigger the app. I eventually determined that the application installed itself as

(user dir)\local settings\application data\(random name?)\rkbisysguard.exe

and was launched using this registry setting:


I simply deleted this registry setting and the corresponding executable.
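An added example, not part of the original post: a Python check that reads `reg query` output and flags autostart values whose executable sits in a per-user application-data directory, the kind of location described above. The post does not say which registry setting was used, so the per-user Run key is an assumption here, and the sample output, value names and `EXAMPLEDIR` are constructed.

```python
import re

# Constructed `reg query` output for a per-user Run key; the value names and
# EXAMPLEDIR are placeholders (the post gives only the executable name).
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    ctfmon.exe    REG_SZ    C:\WINDOWS\system32\ctfmon.exe
    Updater    REG_SZ    "C:\Program Files\Vendor\updater.exe" /background
    rkbisysguard    REG_SZ    "C:\Documents and Settings\user\Local Settings\Application Data\EXAMPLEDIR\rkbisysguard.exe"
    Sync    REG_EXPAND_SZ    %LOCALAPPDATA%\Sync\sync.exe -q
"""

# One value line: four spaces, name, four spaces, type, four spaces, data.
VALUE_RE = re.compile(r"^ {4}(?P<name>.+?) {4}(?P<type>REG_(?:EXPAND_)?SZ) {4}(?P<data>.*)$")
# Executable path: either the quoted part, or everything up to the first ".exe".
EXE_RE = re.compile(r'^"([^"]+)"|^(.+?\.exe)\b', re.I)
# Directories a limited user can write to (XP-style and later profile layouts).
USER_WRITABLE = re.compile(
    r"\\local settings\\application data\\"
    r"|\\appdata\\(?:local|roaming)\\"
    r"|%(?:localappdata|appdata|temp)%",
    re.I,
)

def parse_run_values(text):
    """Return (value name, command line) pairs from reg query output."""
    return [(m["name"], m["data"].strip())
            for m in map(VALUE_RE.match, text.splitlines()) if m]

def target_exe(data):
    """Strip quotes and arguments from a command line, leaving the program path."""
    m = EXE_RE.match(data)
    return (m.group(1) or m.group(2)) if m else data.split()[0]

def suspicious_autoruns(text):
    """Autostart entries whose program lives in a user-writable profile directory."""
    return [(name, target_exe(data))
            for name, data in parse_run_values(text)
            if USER_WRITABLE.search(target_exe(data))]

if __name__ == "__main__":
    for name, exe in suspicious_autoruns(SAMPLE):
        print(f"review: {name} -> {exe}")
```

Legitimate software also starts from these directories, so a flagged entry is a candidate for review, not a verdict.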


de Menezes case settled

Britain to Settle Case of Brazilian Shot as 'Terrorist'. Revisiting an old case.

The killing of Mr. de Menezes rocked Scotland Yard — as London’s Metropolitan Police is widely known — and contributed to the forced resignation last year of Sir Ian Blair, Britain’s top police officer.
"The Commissioner would like to take this opportunity of making a further unreserved apology to the family for the tragic death of Jean Charles de Menezes and to reiterate that he was a totally innocent victim and in no way to blame for his untimely death."
