Nothing can get rid of virusprotectpro

Discussion in 'other anti-malware software' started by geepondy, Oct 8, 2007.

Thread Status:
Not open for further replies.
  1. geepondy

    geepondy Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    63
    Please re-read, Nothing can get rid of virusprotectpro I WAS WRONG!!!

    The girlfriend's computer is infected with Virusprotectpro which is another one of these apps that bombards you with popups saying your system is infected with multiple malware and want you to purchase a program to remove it. I tried ZoneAlarm security suite, Webroot spysweeper and lastly superantiviruspro, highly recommended here in performing scans in hopefully identifying and removing this. Although the detected Zlob trojan I believe is removed which I think must have been responsible for it's installation, the program itself still exists. There are two flashing plus signs in the taskbar that among other things want to go to the internet to a virusprotectpro page (I have kept the system offline). I have looked at removal instructions for this problem and the manual mode involves removing dozens of entries with seemingly more added to the list all the time. Unless you guys have another suggestion I'm going to reinstall her backup cds, putting the computer back to day one status.

    Kinda disappointed three major apps could not get rid of this. Doesn't exactly leave me with a warm and cozy feeling about just how good these programs are and perhaps the bad guys have the upper hand in the war against malware.

    Edit, read last post.
     
    Last edited: Oct 9, 2007
  2. Xenophobe

    Xenophobe Registered Member

    Joined:
    May 26, 2007
    Posts:
    174
  3. geepondy

    geepondy Registered Member

    Joined:
    Dec 17, 2005
    Posts:
    63
    Superantispyware, the program I never read about in any PC magazines nor never heard of till I came here, came to the rescue.

    I allowed the system to go online long enough for superantispyware to update, despite the bombardment of Internet messages from a hijacked browser. I then reran superantispyware and it was incredible all the new stuff it found. Here is a list from the generated log in which I deleted everything but the headers. Keep in mind this is the second scan after the update. You should have seen all the cookies in the first scan.

    "SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 10/09/2007 at 07:33 PM

    Application Version : 3.9.1008

    Core Rules Database Version : 3321
    Trace Rules Database Version: 1322

    Scan type : Complete Scan
    Total Scan Time : 00:45:28

    Memory items scanned : 438
    Memory threats detected : 6
    Registry items scanned : 5161
    Registry threats detected : 381
    File items scanned : 34208
    File threats detected : 76

    Trojan.Smitfraud Variant
    Trojan.Smitfraud Variant-Gen/AM
    Trojan.Media-Codec/V4
    Adware.Tracking Cookie
    Trojan.Media-Codec/V3
    Malware.VirusProtectPro
    Malware.VirusRanger
    Malware.MalwareBurn
    Malware.AntiVirGear
    Browser Hijacker.Favorites"



    I let it quarantine everything, rebooted and thus far everything seems to be fine. IE now works properly again and no evidence of remaining malware. Because of how much it found, to be safe I might want to consider reformatting anyhow but I think I'll just keep the machine on for a couple of days and do a rescan and see if everything is ok.

    Any ideas how this much stuff could have gotten on the PC which I think was mainly used by the girlfriend's kid? The machine was running NIS in which the subscription had run out three months ago so I'm sure that is the major reason but I saw no evidence of downloaded material or other P2P activity just a very healthy Yahoo list of chat contacts, I suppose normal for a kid.
     
  4. Meriadoc

    Meriadoc Registered Member

    Joined:
    Mar 28, 2006
    Posts:
    2,642
    Location:
    Cymru
  5. Franklin

    Franklin Registered Member

    Joined:
    May 12, 2005
    Posts:
    2,517
    Location:
    West Aussie
    Dropped in on friends that have their own business today and they were having grief with one of their PC's.

    This one pc had Norton's 360 just put on and it couldn't do jack with the smitfraud variants that I noticed.

    Downloaded SAS and it did an excellent job in finding/cleaning up.:thumb:

    "But Nortons is supposed to be the best" they exclaimed.:thumbd:
     
  6. cheater87

    cheater87 Registered Member

    Joined:
    Apr 22, 2005
    Posts:
    3,125
    Location:
    Pennsylvania.
    Get Spyware Terminator it has a real time shield and that can protect them.
     
  7. Long View

    Long View Registered Member

    Joined:
    Apr 30, 2004
    Posts:
    2,295
    Location:
    Cromwell Country
    When clean I suggest that you get a good image program to allow you to restore a clean image should this happen again. If I was ever infected I can't imagine that I would be happy with some mickey mouse cleaning program - better to restore a clean image.
     
Thread Status:
Not open for further replies.