Jump to content

Spyware Protect 2009

samspoolhall
 Share

Recommended Posts

samspoolhall

samspoolhall

Posted
Posted

I'm getting all the symptoms of a Spyware Protect 2009 infection. I'm getting the large screen that shows many infections. I'm also getting the small box that tells me there is an infiltration alert. I installed MBAM and updated and ran it, but it finds nothing. This seems to be the cleanest PC I've looked at. I have also used Ad-Aware and Norman Malware cleaner. Can anyone help?

Link to post
Share on other sites
samspoolhall

samspoolhall

Posted
  • Author
Posted
I just cleaned a computer with MBAM yesterday afternoon that had Spyware Protect 2009 installed on it. Are you sure you're using the latest definition file? If not, try updating and the scanning again...

I'm sure it's the latest version - I just updated before scanning. I even did a full scan.

Link to post
Share on other sites
Maniac

Maniac

Posted
Posted

Greetings.

To get you fixed up please follow the instructions here: I'm infected - What do I do now?

And post your logs in a new topic here: Malware Removal - HijackThis Logs

Please be sure not to install any software or use any removal/scanning tools exept those that you are

instructed to by the expert who will be assisting you as doing so can make their job much more difficult.

note: if for some reason you are unable to run some/any of the tools in the first link, then skip that step and move on to the next one. If you can't even run HijackThis, then just post here: Malware Removal - HijackThis Logs describing your issues and an expert will reply with further instructions.

I hope I was helpful. Good luck and safe surfing. :P

Link to post
Share on other sites
GT500

GT500

Posted
Posted
I am having the same issue, but I've found that I run the application several times and it has cleaned the Vundo H trojan, but still working on Spyware Protect 2009

Please follow these instructions (skipping any steps you are unable to complete) for posting in our Malware Removal - HijackThis Logs forum. If you cannot follow any of those steps, then please create a new topic in that forum explaining what happened when you tried to run each of the tools in the instructions, and the expert who helps you will be able to suggest steps to take to get the tools working.

Link to post
Share on other sites
ilr

ilr

Posted
Posted

I just removed the following,

c:\documents and settings\<user>\protect.dll

&

c:\documents and settings\LocalService\protect.dll

...along with a mess of Autochk.dll's, ChkDisk.dll's & apparently some Rootkit garbage too.

"updating" Malwarbytes & Combofix WAS NOT SAFE at the time!

Infact Malwarbytes was tricked into DL'ing a fraudulent patch (3.8 mb checksum?) just a few days before this at which point everything went haywire. It looks like Maleware makers are specifically targeting Anti-Malware programs and the only way to run any of these things is in complete Safe Mode. I'd upload my complete log as proof, but it's huge and probably not helpful anyway. Sorry and GL everyone.

Link to post
Share on other sites
GT500

GT500

Posted
Posted
Infact Malwarbytes was tricked into DL'ing a fraudulent patch (3.8 mb checksum?) just a few days before this at which point everything went haywire. It looks like Maleware makers are specifically targeting Anti-Malware programs and the only way to run any of these things is in complete Safe Mode. I'd upload my complete log as proof, but it's huge and probably not helpful anyway. Sorry and GL everyone.

That is nothing new. Malware authors have been targeting anti-malware software for many years. I remember 4 years ago dealing with trojans that would block Spybot Search & Destroy. Back then, I just made a BartPE disk to run it from. Malwarebytes' Anti-Malware, on the other hand, was never meant to be run in that fashion.

Link to post
Share on other sites
rmalveaux

rmalveaux

Posted
Posted

After about 6 or 7 scans with Malwarebytes it finally removed all infections. I had to update it again as I done it once yesterday, but didn't clean everything. However ever after updating to database version 2155 and 3 scans of finding various trojans. It worked and Spyware Protect has not come back since.

Link to post
Share on other sites
GT500

GT500

Posted
Posted
After about 6 or 7 scans with Malwarebytes it finally removed all infections. I had to update it again as I done it once yesterday, but didn't clean everything. However ever after updating to database version 2155 and 3 scans of finding various trojans. It worked and Spyware Protect has not come back since.

You may still want to have an expert analyze your logs, just to be sure.

Link to post
Share on other sites
rmalveaux

rmalveaux

Posted
Posted
After about 6 or 7 scans with Malwarebytes it finally removed all infections. I had to update it again as I done it once yesterday, but didn't clean everything. However ever after updating to database version 2155 and 3 scans of finding various trojans. It worked and Spyware Protect has not come back since.

Forgot to mention that you may want to check your AV application as it(or one of the other viruses) stopped McAfee Enterprise 8.7 from updating properly. Will have to reinstall, but that's tomorrow's job.

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

Hi GT500.

I came across this post when I was looking on the message boards and I have a question for you.

Does this mean that Malware can come through updates to Malwarebytes? I am just confused because another user posted that he or she had downloaded a patch that was supposedly for Malwarebytes but it infact was Malware and then you replied to him or her with your response.

Thanks, I am just curious and concerned. I hope it isn't the case that Malware can come through Malwarebytes udpates.

That is nothing new. Malware authors have been targeting anti-malware software for many years. I remember 4 years ago dealing with trojans that would block Spybot Search & Destroy. Back then, I just made a BartPE disk to run it from. Malwarebytes' Anti-Malware, on the other hand, was never meant to be run in that fashion.
Link to post
Share on other sites
GT500

GT500

Posted
Posted
I don't think thats what Arthur meant....malwarebytes does not download malware ;)

No, I meant malware specifically targeting anti-malware applications. It's very common for them to try to prevent our software from running.

As far as updating, there are always ways of fooling a security application into downloading a fake update, but if that's happening then your computer or router are already infected with malware.

Link to post
Share on other sites
mountaintree16

mountaintree16

Posted
Posted

Thank you so much for your response GT500.

That clears up my question. The only update that I have ever gotten when using Malwarebytes is the one in the program and I have never seen an instance of foul play with the updates even prior to removing malware. all I see is the little box that comes from the program when I update it.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share
Go to topic listing

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.