Hi, let me start by saying I am a huge fan of this site. It has always provided accurate information and I know that it does NOT promote or 'bump' itself on Google searches for things that it does not have an entry for.
OK, I just finished walking someone through removing this obnoxious program Windows Police Pro, but I noticed that the pseudo-shell that he had was not either of the listed variants on your site. The restarter was listed as svohost.exe. I know it is impossible to keep up with every little change to every virus, but I thought that instead of naming exactly what to look for you should point users to the Hijack log entry for O23 - Service: AntipyProex (AntipPro2009_100) - Unknown owner - C:\WINDOWS\(imitation of svchost.exe).
Alternatively, they could find the entry for this application under the services administrator tool in the control panel. This would be great if for some reason running or installing HJT was not an option.
I know that this complicates things for some users who don't want to do an ounce of thinking for themselves, but in the long run it might be a more accurate practice?
This is my first post on this site but I keep this ID virtually everywhere I log into, and I know that everybody online calls themselves an "expert" but to call myself advanced would be misleadingly modest.
Windows Police Pro Update Change of variant from your instructable
#2
Posted 27 October 2009 - 11:31 AM
Hi ComputerGeek,
Sorry for not responding sooner. We have updated the guide to include this information. I understand what you are saying about shutting down the service based on the service name and what it is trying to imitate. Unfortunately, the service name changes frequently so it may make it hard for people to find it. For example, the service name and executable combinations have been the following so far:
O23 - Service: AntipyProex (AntipPro2009_100) - Unknown owner - C:\WINDOWS\svchasts.exe
O23 - Service: AntipyProex (AntipPro2009_100) - Unknown owner - C:\WINDOWS\svchast.exe
O23 - Service: AntiPol - Unknown owner - C:\WINDOWS\svchast.exe
O23 - Service: WDefend - Unknown owner - C:\WINDOWS\svohost.exe
You have to understand that BC was created to contain easy to understand instructions for people of ALL experience levels with computers. That means that there are many people who just would not be able to determine what file would be similar to svchost.exe or not. Technology and computers can be confusing for many people, regardless of how bright they are.
I have updated the guide, though, to make it easier for our users to kill these restarters and process killers so that the user can then run their normal antivirus programs.
Welcome to the site btw
Lawrence Abrams